Résumé: SELinux is preventing kdm_greet (xdm_t) "connectto" unconfined_t. Description détaillée: SELinux denied access requested by kdm_greet. It is not expected that this access is required by kdm_greet and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Autoriser l'accès: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Informations complémentaires: Contexte source system_u:system_r:xdm_t:s0-s0:c0.c1023 Contexte cible unconfined_u:unconfined_r:unconfined_t:s0 Objets du contexte 002F746D702F646275732D583870536E346544466E [ unix_stream_socket ] source kdm_greet Chemin de la source /usr/libexec/kde4/kdm_greet Port <Inconnu> Hôte (removed) Paquetages RPM source kdm-4.3.0-9.fc11 Paquetages RPM cible Politique RPM selinux-policy-3.6.12-80.fc11 Selinux activé True Type de politique targeted Mode strict Enforcing Nom du plugin catchall Nom de l'hôte (removed) Plateforme Linux (removed) 2.6.29.6-217.2.16.fc11.x86_64 #1 SMP Mon Aug 24 17:17:40 EDT 2009 x86_64 x86_64 Compteur d'alertes 1 Première alerte mar. 01 sept. 2009 13:47:28 CEST Dernière alerte mar. 01 sept. 2009 13:47:28 CEST ID local eb7d6a8e-b099-4b99-bdd0-5a8f12e14d17 Numéros des lignes Messages d'audit bruts node=(removed) type=AVC msg=audit(1251805648.947:146): avc: denied { connectto } for pid=6882 comm="kdm_greet" path=002F746D702F646275732D583870536E346544466E scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=unix_stream_socket node=(removed) type=SYSCALL msg=audit(1251805648.947:146): arch=c000003e syscall=42 success=no exit=-13 a0=9 a1=7fff7ba36f80 a2=17 a3=0 items=0 ppid=2002 pid=6882 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="kdm_greet" exe="/usr/libexec/kde4/kdm_greet" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.12-80.fc11,catchall,kdm_greet,xdm_t,unconfined_t,unix_stream_socket,connectto audit2allow suggests: #============= xdm_t ============== #!!!! This avc is allowed in the current policy allow xdm_t unconfined_t:unix_stream_socket connectto;
*** This bug has been marked as a duplicate of bug 560450 ***