Hide Forgot
SELinux is preventing krfcommd from 'write' accesses on the socket Unknown. ***** Plugin catchall (100. confidence) suggests *************************** If you believe that krfcommd should be allowed write access on the Unknown socket by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep krfcommd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:kernel_t:s0 Target Context system_u:object_r:unlabeled_t:s0 Target Objects Unknown [ socket ] Source krfcommd Source Path krfcommd Port <Unbekannt> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.9.16-1.fc15 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 2.6.38-0.rc8.git0.1.fc15.x86_64 #1 SMP Tue Mar 8 08:22:15 UTC 2011 x86_64 x86_64 Alert Count 1 First Seen So 13 Mär 2011 22:19:12 CET Last Seen So 13 Mär 2011 22:19:12 CET Local ID 3b729af9-6467-4318-9ec4-1a17992b15b2 Raw Audit Messages type=AVC msg=audit(1300051152.917:100): avc: denied { write } for pid=2056 comm="krfcommd" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=socket Hash: krfcommd,kernel_t,unlabeled_t,socket,write audit2allow #============= kernel_t ============== allow kernel_t unlabeled_t:socket write; audit2allow -R #============= kernel_t ============== allow kernel_t unlabeled_t:socket write;
The first time this occured, I did not want to file this bug, because I could not think of anything, that could have caused it. But then it occured two more times in completely different situations, so that I can confirm now, that this bug is at least not obviously related to something, I could influence. For example, the SELinux error came while skyping then another time while writing an email in Thunderbird and again when I was just browsing through the filesystem in a terminal...
Looks like a kernel issue?
Didn't appear for a long time now. I think it's solved.
I can confirm that this bug still occurs with the latest version of Fedora 15 - it's triggered when attempting to perform an OBEX transfer to the host computer; in my case, from my phone to my desktop. The SElinux troubleshooter suggests creating a new policy from the audit log, the entry for krfcommd being: type=AVC msg=audit(1303522756.800:69): avc: denied { write } for pid=1059 comm="krfcommd" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=socket Creating a policy using audit2allow fixes the problem and allows file transfers to occur normally.
I will add this allow for F15 if you have unconfined policy defined.