Résumé: SELinux is preventing gdm-session-wor (xdm_t) "write" mnt_t. Description détaillée: [SELinux est en mode permissif. Cet accès n'a pas été refusé.] SELinux denied access requested by gdm-session-wor. It is not expected that this access is required by gdm-session-wor and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Autoriser l'accès: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Informations complémentaires: Contexte source system_u:system_r:xdm_t:s0-s0:c0.c1023 Contexte cible system_u:object_r:mnt_t:s0 Objets du contexte /mnt [ dir ] source gdm-session-wor Chemin de la source /usr/libexec/gdm-session-worker Port <Inconnu> Hôte (removed) Paquetages RPM source gdm-2.26.1-13.fc11 Paquetages RPM cible filesystem-2.4.21-1.fc11 Politique RPM selinux-policy-3.6.12-83.fc11 Selinux activé True Type de politique targeted Mode strict Permissive Nom du plugin catchall Nom de l'hôte (removed) Plateforme Linux (removed) 2.6.30.8-64.fc11.i686.PAE #1 SMP Fri Sep 25 04:56:58 EDT 2009 i686 athlon Compteur d'alertes 3 Première alerte dim 11 oct 2009 13:32:52 CEST Dernière alerte dim 11 oct 2009 13:32:52 CEST ID local d4667e20-fa99-4d4b-8495-965df15c1ba5 Numéros des lignes Messages d'audit bruts node=(removed) type=AVC msg=audit(1255260772.72:197): avc: denied { write } for pid=5928 comm="gdm-session-wor" name="mnt" dev=dm-4 ino=1905009 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:mnt_t:s0 tclass=dir node=(removed) type=AVC msg=audit(1255260772.72:197): avc: denied { add_name } for pid=5928 comm="gdm-session-wor" name="Aurore" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:mnt_t:s0 tclass=dir node=(removed) type=AVC msg=audit(1255260772.72:197): avc: denied { create } for pid=5928 comm="gdm-session-wor" name="Aurore" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:mnt_t:s0 tclass=dir node=(removed) type=SYSCALL msg=audit(1255260772.72:197): arch=40000003 syscall=39 success=yes exit=0 a0=8b18fd8 a1=1c9 a2=1367d4 a3=8b18fd8 items=0 ppid=5871 pid=5928 auid=4294967295 uid=0 gid=501 euid=0 suid=0 fsuid=0 egid=501 sgid=501 fsgid=501 tty=(none) ses=4294967295 comm="gdm-session-wor" exe="/usr/libexec/gdm-session-worker" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.12-83.fc11,catchall,gdm-session-wor,xdm_t,mnt_t,dir,write audit2allow suggests: #============= xdm_t ============== allow xdm_t mnt_t:dir { write create add_name };
*** This bug has been marked as a duplicate of bug 538428 ***