Summary: SELinux is preventing /usr/libexec/accounts-daemon "rename" access on custom.conf.R47BCV. Detailed Description: [accounts-daemon has a permissive type (accountsd_t). This access was not denied.] SELinux denied access requested by accounts-daemon. It is not expected that this access is required by accounts-daemon and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:accountsd_t:s0-s0:c0.c1023 Target Context system_u:object_r:etc_t:s0 Target Objects custom.conf.R47BCV [ file ] Source accounts-daemon Source Path /usr/libexec/accounts-daemon Port <Unknown> Host (removed) Source RPM Packages accountsservice-0.6-2.fc13 Target RPM Packages Policy RPM selinux-policy-3.7.19-10.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.33.3-79.fc13.x86_64 #1 SMP Mon May 3 22:37:18 UTC 2010 x86_64 x86_64 Alert Count 3 First Seen Thu 13 May 2010 06:26:57 PM EDT Last Seen Thu 13 May 2010 06:26:57 PM EDT Local ID a633285f-a459-4c4c-81f1-a299dfcc74d4 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1273789617.597:29039): avc: denied { rename } for pid=26500 comm="accounts-daemon" name="custom.conf.R47BCV" dev=dm-0 ino=43243 scontext=system_u:system_r:accountsd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=file node=(removed) type=AVC msg=audit(1273789617.597:29039): avc: denied { add_name remove_name } for pid=26500 comm="accounts-daemon" name="custom.conf" dev=dm-0 ino=43242 scontext=system_u:system_r:accountsd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=dir node=(removed) type=AVC msg=audit(1273789617.597:29039): avc: denied { unlink } for pid=26500 comm="accounts-daemon" name="custom.conf" dev=dm-0 ino=43242 scontext=system_u:system_r:accountsd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1273789617.597:29039): arch=c000003e syscall=82 success=yes exit=0 a0=149d8b0 a1=40aa10 a2=149f570 a3=1 items=0 ppid=1 pid=26500 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="accounts-daemon" exe="/usr/libexec/accounts-daemon" subj=system_u:system_r:accountsd_t:s0-s0:c0.c1023 key=(null) Hash String generated from catchall,accounts-daemon,accountsd_t,etc_t,file,rename audit2allow suggests: #============= accountsd_t ============== allow accountsd_t etc_t:dir { remove_name add_name }; allow accountsd_t etc_t:file { rename unlink };
This happened while I was using the new user account dialog.
*** This bug has been marked as a duplicate of bug 592123 ***