Description of problem: Left a VM with an F19 Final RC1 test install running for a while, came back to it to shut it down to test something else and this alert was showing. SELinux is preventing /usr/lib/polkit-1/polkitd from using the 'signal' accesses on a process. ***** Plugin catchall (100. confidence) suggests *************************** If you believe that polkitd should be allowed signal access on processes labeled policykit_auth_t by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep polkitd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:policykit_t:s0 Target Context system_u:system_r:policykit_auth_t:s0 Target Objects [ process ] Source polkitd Source Path /usr/lib/polkit-1/polkitd Port <Unknown> Host (removed) Source RPM Packages polkit-0.111-2.fc19.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-54.fc19.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.9.5-301.fc19.x86_64 #1 SMP Tue Jun 11 19:39:38 UTC 2013 x86_64 x86_64 Alert Count 4 First Seen 2013-06-25 10:01:22 PDT Last Seen 2013-06-25 11:20:17 PDT Local ID b94a241d-d453-4a4e-8b7b-a7c9cd37d36f Raw Audit Messages type=AVC msg=audit(1372184417.200:440): avc: denied { signal } for pid=432 comm="polkitd" scontext=system_u:system_r:policykit_t:s0 tcontext=system_u:system_r:policykit_auth_t:s0 tclass=process type=SYSCALL msg=audit(1372184417.200:440): arch=x86_64 syscall=kill success=no exit=EACCES a0=7e5 a1=f a2=7f04bf203ed0 a3=0 items=0 ppid=1 pid=432 auid=4294967295 uid=999 gid=999 euid=999 suid=999 fsuid=999 egid=999 sgid=999 fsgid=999 ses=4294967295 tty=(none) comm=polkitd exe=/usr/lib/polkit-1/polkitd subj=system_u:system_r:policykit_t:s0 key=(null) Hash: polkitd,policykit_t,policykit_auth_t,process,signal Additional info: reporter: libreport-2.1.5 hashmarkername: setroubleshoot kernel: 3.9.5-301.fc19.x86_64 type: libreport
commit 81c149833ddb511b89245eac8a0db6837949a9b8 Author: Miroslav Grepl <mgrepl> Date: Wed Jun 26 15:37:17 2013 +0200 Allow policykit to send a signal to policykit-auth
selinux-policy-3.12.1-57.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/selinux-policy-3.12.1-57.fc19
Package selinux-policy-3.12.1-57.fc19: * should fix your issue, * was pushed to the Fedora 19 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.12.1-57.fc19' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-11846/selinux-policy-3.12.1-57.fc19 then log in and leave karma (feedback).
Description of problem: This seems to happen when I suspend or resume. Additional info: reporter: libreport-2.1.5 hashmarkername: setroubleshoot kernel: 3.9.6-301.fc19.x86_64 type: libreport
selinux-policy-3.12.1-57.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.