Hide Forgot
Summary: SELinux is preventing /usr/libexec/polkit-1/polkit-agent-helper-1 "execute" access on /usr/libexec/polkit-1/polkit-agent-helper-1. Detailed Description: [SELinux is in permissive mode. This access was not denied.] SELinux denied access requested by polkit-agent-he. It is not expected that this access is required by polkit-agent-he and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context sysadm_u:sysadm_r:oddjob_mkhomedir_t:s0-s0:c0.c102 3 Target Context system_u:object_r:policykit_auth_exec_t:s0 Target Objects /usr/libexec/polkit-1/polkit-agent-helper-1 [ file ] Source polkit-agent-he Source Path /usr/libexec/polkit-1/polkit-agent-helper-1 Port <Unknown> Host (removed) Source RPM Packages polkit-0.96-1.fc13 Target RPM Packages polkit-0.96-1.fc13 Policy RPM selinux-policy-3.7.19-69.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.34.7-61.fc13.i686 #1 SMP Tue Oct 19 04:42:47 UTC 2010 i686 i686 Alert Count 3 First Seen Thu 20 Jan 2011 10:53:34 PM MST Last Seen Thu 20 Jan 2011 10:53:34 PM MST Local ID 7aabe5ee-fe9e-470a-8887-70226d04c737 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1295589214.131:26096): avc: denied { execute } for pid=2482 comm="polkit-gnome-au" name="polkit-agent-helper-1" dev=dm-0 ino=6462 scontext=sysadm_u:sysadm_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:policykit_auth_exec_t:s0 tclass=file node=(removed) type=AVC msg=audit(1295589214.131:26096): avc: denied { read open } for pid=2482 comm="polkit-gnome-au" name="polkit-agent-helper-1" dev=dm-0 ino=6462 scontext=sysadm_u:sysadm_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:policykit_auth_exec_t:s0 tclass=file node=(removed) type=AVC msg=audit(1295589214.131:26096): avc: denied { execute_no_trans } for pid=2482 comm="polkit-gnome-au" path="/usr/libexec/polkit-1/polkit-agent-helper-1" dev=dm-0 ino=6462 scontext=sysadm_u:sysadm_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:policykit_auth_exec_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1295589214.131:26096): arch=40000003 syscall=11 success=yes exit=0 a0=3517b4 a1=bfac19ec a2=bfac1ccc a3=bfac19ec items=0 ppid=1906 pid=2482 auid=500 uid=500 gid=493 euid=0 suid=0 fsuid=0 egid=493 sgid=493 fsgid=493 tty=(none) ses=1 comm="polkit-agent-he" exe="/usr/libexec/polkit-1/polkit-agent-helper-1" subj=sysadm_u:sysadm_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 key=(null) Hash String generated from catchall,polkit-agent-he,oddjob_mkhomedir_t,policykit_auth_exec_t,file,execute audit2allow suggests: #============= oddjob_mkhomedir_t ============== allow oddjob_mkhomedir_t policykit_auth_exec_t:file { read execute open execute_no_trans };
*** This bug has been marked as a duplicate of bug 671607 ***