Summary: Detailed Description: [shutdown has a permissive type (shutdown_t). This access was not denied.] SELinux denied access requested by shutdown. It is not expected that this access is required by shutdown and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context unconfined_u:unconfined_r:shutdown_t:s0-s0:c0.c102 3 Target Context system_u:system_r:init_t:s0 Target Objects [ unix_stream_socket ] Source shutdown Source Path /sbin/shutdown Port <Unknown> Host (removed) Source RPM Packages upstart-0.6.5-3.fc13 Target RPM Packages filesystem-2.4.31-1.fc13 Policy RPM selinux-policy-3.7.15-4.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux delilah.armitage.org.uk 2.6.33-1.fc13.i686.PAE #1 SMP Wed Feb 24 19:54:49 UTC 2010 i686 i686 Alert Count 1 First Seen Wed 24 Mar 2010 22:23:41 GMT Last Seen Wed 24 Mar 2010 22:23:41 GMT Local ID da497a2e-579b-4f2e-8815-64f70a8a7d08 Line Numbers Raw Audit Messages node=delilah.armitage.org.uk type=AVC msg=audit(1269469421.186:324): avc: denied { connectto } for pid=26854 comm="shutdown" path=002F636F6D2F7562756E74752F75707374617274 scontext=unconfined_u:unconfined_r:shutdown_t:s0-s0:c0.c1023 tcontext=system_u:system_r:init_t:s0 tclass=unix_stream_socket node=delilah.armitage.org.uk type=SYSCALL msg=audit(1269469421.186:324): arch=40000003 syscall=102 success=yes exit=0 a0=3 a1=bf9b8e10 a2=66cff4 a3=bf9b8fbc items=0 ppid=26629 pid=26854 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=1 comm="shutdown" exe="/sbin/shutdown" subj=unconfined_u:unconfined_r:shutdown_t:s0-s0:c0.c1023 key=(null) This occured during a shutdown following a yum update. The details of the update are below. yum update details ============ Loaded plugins: langpacks, presto, refresh-packagekit Adding en_GB to language list Transaction ID : 72 Begin time : Wed Mar 24 20:41:37 2010 Begin rpmdb : 1391:5b2c99bb1a85610891a1e4d6b161e255db9caef9 End time : 20:56:57 2010 (920 seconds) End rpmdb : 1394:464f2617a1f3aa66d6c69cc0081d22307ecc4c0b User : Quentin Armitage <quentin> Return-Code : Success Transaction performed with: Installed rpm-4.8.0-10.fc13.i686 Installed yum-3.2.27-2.fc13.noarch Installed yum-presto-0.6.2-1.fc13.noarch Packages Altered: Updated authconfig-6.0.2-1.fc13.i686 Update 6.1.1-1.fc13.i686 Updated authconfig-gtk-6.0.2-1.fc13.i686 Update 6.1.1-1.fc13.i686 Updated dhclient-12:4.1.1-12.fc13.i686 Update 12:4.1.1-13.fc13.i686 Updated fedora-bookmarks-11-2.noarch Update 13-1.noarch Updated firefox-3.6.1-1.fc13.i686 Update 3.6.2-1.fc13.i686 Updated glibc-2.11.90-15.i686 Update 2.11.90-16.i686 Updated glibc-common-2.11.90-15.i686 Update 2.11.90-16.i686 Updated glibc-devel-2.11.90-15.i686 Update 2.11.90-16.i686 Updated glibc-headers-2.11.90-15.i686 Update 2.11.90-16.i686 Updated gnome-python2-extras-2.25.3-15.fc13.i686 Update 2.25.3-16.fc13.i686 Updated gnome-python2-gtkhtml2-2.25.3-15.fc13.i686 Update 2.25.3-16.fc13.i686 Updated gnome-python2-libegg-2.25.3-15.fc13.i686 Update 2.25.3-16.fc13.i686 Updated ibus-1.2.99.20100202-1.fc13.i686 Update 1.3.0-2.fc13.i686 Updated ibus-gtk-1.2.99.20100202-1.fc13.i686 Update 1.3.0-2.fc13.i686 Updated ibus-libs-1.2.99.20100202-1.fc13.i686 Update 1.3.0-2.fc13.i686 Install kernel-PAE-2.6.33.1-19.fc13.i686 Install kernel-devel-2.6.33.1-19.fc13.i686 Updated kernel-headers-2.6.33-1.fc13.i686 Update 2.6.33.1-19.fc13.i686 Dep-Install libdwarf-0.20090324-5.fc12.i686 Updated nscd-2.11.90-15.i686 Update 2.11.90-16.i686 Updated perf-2.6.33-1.fc13.noarch Update 2.6.33.1-19.fc13.noarch Updated ql2400-firmware-5.03.01-1.fc13.noarch Update 5.03.02-1.fc13.noarch Updated ql2500-firmware-5.03.01-1.fc13.noarch Update 5.03.02-1.fc13.noarch Updated qt-1:4.6.2-7.fc13.i686 Update 1:4.6.2-8.fc13.i686 Updated qt-sqlite-1:4.6.2-7.fc13.i686 Update 1:4.6.2-8.fc13.i686 Updated qt-x11-1:4.6.2-7.fc13.i686 Update 1:4.6.2-8.fc13.i686 Updated smolt-1.4.2-1.fc13.noarch Update 1.4.2.2-1.fc13.noarch Updated smolt-firstboot-1.4.2-1.fc13.noarch Update 1.4.2.2-1.fc13.noarch Updated system-config-printer-1.2.0-1.fc13.i686 Update 1.2.0-4.fc13.i686 Updated system-config-printer-libs-1.2.0-1.fc13.i686 Update 1.2.0-4.fc13.i686 Updated system-config-printer-udev-1.2.0-1.fc13.i686 Update 1.2.0-4.fc13.i686 Updated xulrunner-1.9.2.1-1.fc13.i686 Update 1.9.2.2-1.fc13.i686 history info Please note the SELinux did not add a summary line, and so this could not be reported via the SELinux Security Alerts tool.
Fixed in selinux-policy-3.7.16-1.fc13.noarch
selinux-policy-3.7.16-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/selinux-policy-3.7.16-1.fc13
*** Bug 578395 has been marked as a duplicate of this bug. ***
selinux-policy-3.7.16-2.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/selinux-policy-3.7.16-2.fc13
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
This message is a reminder that Fedora 13 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 13. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '13'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 13's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 13 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
It appears that this issue was resolved in March last year, but the bug report was not closed. I am unable to test this now since the system is no longer running F-13.