Summary SELinux is preventing /usr/bin/ssh-agent (hotplug_t) "create" to ssh- jASrzL3044 (samba_share_t). Detailed Description SELinux denied access requested by /usr/bin/ssh-agent. It is not expected that this access is required by /usr/bin/ssh-agent and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ssh-jASrzL3044, restorecon -v ssh-jASrzL3044 If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:samba_share_t Target Objects ssh-jASrzL3044 [ dir ] Affected RPM Packages openssh-clients-4.5p1-6.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:12 PM CEST Last Seen Wed 11 Jul 2007 09:39:12 PM CEST Local ID cc8f5919-2565-4ebf-94dc-57038e4e2427 Line Numbers Raw Audit Messages avc: denied { create } for comm="ssh-agent" dev=dm-0 egid=500 euid=500 exe="/usr/bin/ssh-agent" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="ssh- jASrzL3044" pid=3044 scontext=user_u:system_r:hotplug_t:s0 sgid=99 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=dir tcontext=user_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/bin/ssh-agent (hotplug_t) "create" to agent.3044 (samba_share_t). Detailed Description SELinux denied access requested by /usr/bin/ssh-agent. It is not expected that this access is required by /usr/bin/ssh-agent and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for agent.3044, restorecon -v agent.3044 If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:samba_share_t Target Objects agent.3044 [ sock_file ] Affected RPM Packages openssh-clients-4.5p1-6.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:12 PM CEST Last Seen Wed 11 Jul 2007 09:39:12 PM CEST Local ID a7ce378b-77d6-43bf-9517-5a123b442750 Line Numbers Raw Audit Messages avc: denied { create } for comm="ssh-agent" dev=dm-0 egid=500 euid=500 exe="/usr/bin/ssh-agent" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="agent.3044" pid=3044 scontext=user_u:system_r:hotplug_t:s0 sgid=99 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=sock_file tcontext=user_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/libexec/gconfd-2 (hotplug_t) "lock" to /tmp /gconfd-jeroen/lock/0t1184182753ut773209u500p3160r1898720419k3216382600 (samba_share_t). Detailed Description SELinux denied access requested by /usr/libexec/gconfd-2. It is not expected that this access is required by /usr/libexec/gconfd-2 and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /tmp/gconfd- jeroen/lock/0t1184182753ut773209u500p3160r1898720419k3216382600, restorecon -v /tmp/gconfd- jeroen/lock/0t1184182753ut773209u500p3160r1898720419k3216382600 If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:samba_share_t Target Objects /tmp/gconfd-jeroen/lock/0t1184182753ut773209u500p3 160r1898720419k3216382600 [ file ] Affected RPM Packages GConf2-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:13 PM CEST Last Seen Wed 11 Jul 2007 09:39:13 PM CEST Local ID 3860f0ee-0ce5-45b2-a737-b6397da8d623 Line Numbers Raw Audit Messages avc: denied { lock } for comm="gconfd-2" dev=dm-0 egid=500 euid=500 exe="/usr/libexec/gconfd-2" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="0t1184182753ut773209u500p3160r1898720419k3216382600" path="/tmp/gconfd- jeroen/lock/0t1184182753ut773209u500p3160r1898720419k3216382600" pid=3160 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=file tcontext=user_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/libexec/gconfd-2 (hotplug_t) "link" to 0t1184182753ut773209u500p3160r1898720419k3216382600 (samba_share_t). Detailed Description SELinux denied access requested by /usr/libexec/gconfd-2. It is not expected that this access is required by /usr/libexec/gconfd-2 and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for 0t1184182753ut773209u500p3160r1898720419k3216382600, restorecon -v 0t1184182753ut773209u500p3160r1898720419k3216382600 If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:samba_share_t Target Objects 0t1184182753ut773209u500p3160r1898720419k321638260 0 [ file ] Affected RPM Packages GConf2-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:13 PM CEST Last Seen Wed 11 Jul 2007 09:39:13 PM CEST Local ID 2f6ba3ad-76fe-4e2b-9d83-0ed36b110d2f Line Numbers Raw Audit Messages avc: denied { link } for comm="gconfd-2" dev=dm-0 egid=500 euid=500 exe="/usr/libexec/gconfd-2" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="0t1184182753ut773209u500p3160r1898720419k3216382600" pid=3160 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=file tcontext=user_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/libexec/gconfd-2 (hotplug_t) "unlink" to 0t1184182753ut773209u500p3160r1898720419k3216382600 (samba_share_t). Detailed Description SELinux denied access requested by /usr/libexec/gconfd-2. It is not expected that this access is required by /usr/libexec/gconfd-2 and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for 0t1184182753ut773209u500p3160r1898720419k3216382600, restorecon -v 0t1184182753ut773209u500p3160r1898720419k3216382600 If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:samba_share_t Target Objects 0t1184182753ut773209u500p3160r1898720419k321638260 0 [ file ] Affected RPM Packages GConf2-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:13 PM CEST Last Seen Wed 11 Jul 2007 09:39:13 PM CEST Local ID 8366a58e-046d-454d-8959-e26277109dc5 Line Numbers Raw Audit Messages avc: denied { unlink } for comm="gconfd-2" dev=dm-0 egid=500 euid=500 exe="/usr/libexec/gconfd-2" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="0t1184182753ut773209u500p3160r1898720419k3216382600" pid=3160 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=file tcontext=user_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/bin/gnome-session (hotplug_t) "connectto" to /tmp /orbit-jeroen/linc-c58-0-39af5a27bc7a6 (hotplug_t). Detailed Description SELinux denied access requested by /usr/bin/gnome-session. It is not expected that this access is required by /usr/bin/gnome-session and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access You can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:system_r:hotplug_t Target Objects /tmp/orbit-jeroen/linc-c58-0-39af5a27bc7a6 [ unix_stream_socket ] Affected RPM Packages gnome-session-2.18.3-1.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:13 PM CEST Last Seen Wed 11 Jul 2007 09:39:13 PM CEST Local ID 0a8f0c20-d75e-4215-afba-5fe8d2e5cecf Line Numbers Raw Audit Messages avc: denied { connectto } for comm="gnome-session" dev=dm-0 egid=500 euid=500 exe="/usr/bin/gnome-session" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="linc-c58-0-39af5a27bc7a6" path="/tmp/orbit- jeroen/linc-c58-0-39af5a27bc7a6" pid=3044 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=unix_stream_socket tcontext=user_u:system_r:hotplug_t:s0 tty=(none) uid=500 Summary SELinux is preventing access to files with the label, file_t. Detailed Description SELinux permission checks on files labeled file_t are being denied. file_t is the context the SELinux kernel gives to files that do not have a label. This indicates a serious labeling problem. No files on an SELinux box should ever be labeled file_t. If you have just added a new disk drive to the system you can relabel it using the restorecon command. Otherwise you should relabel the entire files system. Allowing Access You can execute the following command as root to relabel your computer system: "touch /.autorelabel; reboot" Additional Information Source Context user_u:system_r:hotplug_t Target Context system_u:object_r:file_t Target Objects /home/jeroen/.gconfd/saved_state [ file ] Affected RPM Packages GConf2-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:13 PM CEST Last Seen Wed 11 Jul 2007 09:39:13 PM CEST Local ID c339b7f3-f95e-421e-bad8-0160e715e1bc Line Numbers Raw Audit Messages avc: denied { getattr } for comm="gconfd-2" dev=dm-0 egid=500 euid=500 exe="/usr/libexec/gconfd-2" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="saved_state" path="/home/jeroen/.gconfd/saved_state" pid=3160 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=file tcontext=system_u:object_r:file_t:s0 tty=(none) uid=500 Summary SELinux is preventing access to files with the label, file_t. Detailed Description SELinux permission checks on files labeled file_t are being denied. file_t is the context the SELinux kernel gives to files that do not have a label. This indicates a serious labeling problem. No files on an SELinux box should ever be labeled file_t. If you have just added a new disk drive to the system you can relabel it using the restorecon command. Otherwise you should relabel the entire files system. Allowing Access You can execute the following command as root to relabel your computer system: "touch /.autorelabel; reboot" Additional Information Source Context user_u:system_r:hotplug_t Target Context system_u:object_r:file_t Target Objects saved_state [ file ] Affected RPM Packages GConf2-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:13 PM CEST Last Seen Wed 11 Jul 2007 09:39:13 PM CEST Local ID f5740b4c-e432-4625-b471-854cc0544b97 Line Numbers Raw Audit Messages avc: denied { append } for comm="gconfd-2" dev=dm-0 egid=500 euid=500 exe="/usr/libexec/gconfd-2" exit=14 fsgid=500 fsuid=500 gid=500 items=0 name="saved_state" pid=3160 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=file tcontext=system_u:object_r:file_t:s0 tty=(none) uid=500 Summary SELinux is preventing access to files with the label, file_t. Detailed Description SELinux permission checks on files labeled file_t are being denied. file_t is the context the SELinux kernel gives to files that do not have a label. This indicates a serious labeling problem. No files on an SELinux box should ever be labeled file_t. If you have just added a new disk drive to the system you can relabel it using the restorecon command. Otherwise you should relabel the entire files system. Allowing Access You can execute the following command as root to relabel your computer system: "touch /.autorelabel; reboot" Additional Information Source Context user_u:system_r:hotplug_t Target Context system_u:object_r:file_t Target Objects saved_state [ file ] Affected RPM Packages GConf2-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:13 PM CEST Last Seen Wed 11 Jul 2007 09:39:13 PM CEST Local ID 31ae1a2a-21cf-42db-93ac-65d3ca96bbe3 Line Numbers Raw Audit Messages avc: denied { read } for comm="gconfd-2" dev=dm-0 egid=500 euid=500 exe="/usr/libexec/gconfd-2" exit=6 fsgid=500 fsuid=500 gid=500 items=0 name="saved_state" pid=3160 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=file tcontext=system_u:object_r:file_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/libexec/gconfd-2 (hotplug_t) "create" to 0t1184182753ut773209u500p3160r1898720419k3216382600 (samba_share_t). Detailed Description SELinux denied access requested by /usr/libexec/gconfd-2. It is not expected that this access is required by /usr/libexec/gconfd-2 and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for 0t1184182753ut773209u500p3160r1898720419k3216382600, restorecon -v 0t1184182753ut773209u500p3160r1898720419k3216382600 If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:samba_share_t Target Objects 0t1184182753ut773209u500p3160r1898720419k321638260 0 [ file ] Affected RPM Packages GConf2-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:13 PM CEST Last Seen Wed 11 Jul 2007 09:39:13 PM CEST Local ID a51cc833-dfbc-4d15-af92-75fa18b1ef6a Line Numbers Raw Audit Messages avc: denied { create } for comm="gconfd-2" egid=500 euid=500 exe="/usr/libexec/gconfd-2" exit=13 fsgid=500 fsuid=500 gid=500 items=0 name="0t1184182753ut773209u500p3160r1898720419k3216382600" pid=3160 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=file tcontext=user_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/libexec/gconfd-2 (hotplug_t) "write" to /tmp /gconfd-jeroen/lock/0t1184182753ut773209u500p3160r1898720419k3216382600 (deleted) (samba_share_t). Detailed Description SELinux denied access requested by /usr/libexec/gconfd-2. It is not expected that this access is required by /usr/libexec/gconfd-2 and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /tmp/gconfd- jeroen/lock/0t1184182753ut773209u500p3160r1898720419k3216382600 (deleted), restorecon -v /tmp/gconfd- jeroen/lock/0t1184182753ut773209u500p3160r1898720419k3216382600 (deleted) If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:samba_share_t Target Objects /tmp/gconfd-jeroen/lock/0t1184182753ut773209u500p3 160r1898720419k3216382600 (deleted) [ file ] Affected RPM Packages GConf2-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:13 PM CEST Last Seen Wed 11 Jul 2007 09:39:13 PM CEST Local ID 43c80050-c84a-41d4-8710-27af12989f70 Line Numbers Raw Audit Messages avc: denied { write } for comm="gconfd-2" dev=dm-0 egid=500 euid=500 exe="/usr/libexec/gconfd-2" exit=5 fsgid=500 fsuid=500 gid=500 items=0 name="0t1184182753ut773209u500p3160r1898720419k3216382600" path=2F746D702F67636F 6E66642D6A65726F656E2F6C6F636B2F307431313834313832373533757437373332303975353030 703331363072313839383732303431396B33323136333832363030202864656C6574656429 pid=3160 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=file tcontext=user_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/libexec/gconf-sanity-check-2 (hotplug_t) "unlink" to linc-c59-0-59aed03f1175c (samba_share_t). Detailed Description SELinux denied access requested by /usr/libexec/gconf-sanity-check-2. It is not expected that this access is required by /usr/libexec/gconf-sanity- check-2 and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for linc-c59-0-59aed03f1175c, restorecon -v linc-c59-0-59aed03f1175c If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:samba_share_t Target Objects linc-c59-0-59aed03f1175c [ sock_file ] Affected RPM Packages GConf2-gtk-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:14 PM CEST Last Seen Wed 11 Jul 2007 09:39:14 PM CEST Local ID 487b5ccc-0e79-46c6-9f0f-b6dbc926873e Line Numbers Raw Audit Messages avc: denied { unlink } for comm="gconf-sanity-ch" dev=dm-0 egid=500 euid=500 exe="/usr/libexec/gconf-sanity-check-2" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="linc-c59-0-59aed03f1175c" pid=3161 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=sock_file tcontext=user_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/libexec/gconf-sanity-check-2 (hotplug_t) "remove_name" to gconf-test-locking-file-H819UT (samba_share_t). Detailed Description SELinux denied access requested by /usr/libexec/gconf-sanity-check-2. It is not expected that this access is required by /usr/libexec/gconf-sanity- check-2 and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for gconf-test-locking-file-H819UT, restorecon -v gconf-test-locking-file-H819UT If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context system_u:object_r:samba_share_t Target Objects gconf-test-locking-file-H819UT [ dir ] Affected RPM Packages GConf2-gtk-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:14 PM CEST Last Seen Wed 11 Jul 2007 09:39:14 PM CEST Local ID ded02b25-5b70-44c6-9ef8-b9834a7bfd0b Line Numbers Raw Audit Messages avc: denied { remove_name } for comm="gconf-sanity-ch" dev=dm-0 egid=500 euid=500 exe="/usr/libexec/gconf-sanity-check-2" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="gconf-test-locking-file-H819UT" pid=3161 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=dir tcontext=system_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing access to files with the label, file_t. Detailed Description SELinux permission checks on files labeled file_t are being denied. file_t is the context the SELinux kernel gives to files that do not have a label. This indicates a serious labeling problem. No files on an SELinux box should ever be labeled file_t. If you have just added a new disk drive to the system you can relabel it using the restorecon command. Otherwise you should relabel the entire files system. Allowing Access You can execute the following command as root to relabel your computer system: "touch /.autorelabel; reboot" Additional Information Source Context user_u:system_r:hotplug_t Target Context system_u:object_r:file_t Target Objects .gtk-bookmarks [ file ] Affected RPM Packages xdg-user-dirs-gtk-0.5-1.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:17 PM CEST Last Seen Wed 11 Jul 2007 09:39:17 PM CEST Local ID ee98b859-0d82-4b0e-b7e3-5c5c8b930e61 Line Numbers Raw Audit Messages avc: denied { unlink } for comm="xdg-user-dirs-g" dev=dm-0 egid=500 euid=500 exe="/usr/bin/xdg-user-dirs-gtk-update" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name=".gtk-bookmarks" pid=3188 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=file tcontext=system_u:object_r:file_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/bin/gnome-volume-manager (hotplug_t) "remove_name" to linc-c76-0-1bfa9bbb3e55f (samba_share_t). Detailed Description SELinux denied access requested by /usr/bin/gnome-volume-manager. It is not expected that this access is required by /usr/bin/gnome-volume-manager and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for linc-c76-0-1bfa9bbb3e55f, restorecon -v linc-c76-0-1bfa9bbb3e55f If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:samba_share_t Target Objects linc-c76-0-1bfa9bbb3e55f [ dir ] Affected RPM Packages gnome-volume-manager-2.17.0-7.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:18 PM CEST Last Seen Wed 11 Jul 2007 09:39:18 PM CEST Local ID 89cada9f-6067-45a0-9e60-550a273b1e4e Line Numbers Raw Audit Messages avc: denied { remove_name } for comm="gnome-volume-ma" dev=dm-0 egid=500 euid=500 exe="/usr/bin/gnome-volume-manager" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="linc-c76-0-1bfa9bbb3e55f" pid=3206 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=dir tcontext=user_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/bin/krb5-auth-dialog (hotplug_t) "add_name" to linc-c77-0-1bfa9bbbd8cea (samba_share_t). Detailed Description SELinux denied access requested by /usr/bin/krb5-auth-dialog. It is not expected that this access is required by /usr/bin/krb5-auth-dialog and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for linc-c77-0-1bfa9bbbd8cea, restorecon -v linc-c77-0-1bfa9bbbd8cea If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:samba_share_t Target Objects linc-c77-0-1bfa9bbbd8cea [ dir ] Affected RPM Packages krb5-auth-dialog-0.7-2 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:18 PM CEST Last Seen Wed 11 Jul 2007 09:39:18 PM CEST Local ID 6f4b0812-b33a-4c46-88dc-bc788c2ea5ba Line Numbers Raw Audit Messages avc: denied { add_name } for comm="krb5-auth-dialo" egid=500 euid=500 exe="/usr/bin/krb5-auth-dialog" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="linc-c77-0-1bfa9bbbd8cea" pid=3191 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=dir tcontext=user_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing /usr/libexec/mapping-daemon (hotplug_t) "create" to virtual-jeroen.H0vMIQ (samba_share_t). Detailed Description SELinux denied access requested by /usr/libexec/mapping-daemon. It is not expected that this access is required by /usr/libexec/mapping-daemon and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for virtual-jeroen.H0vMIQ, restorecon -v virtual-jeroen.H0vMIQ If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:samba_share_t Target Objects virtual-jeroen.H0vMIQ [ dir ] Affected RPM Packages nautilus-cd-burner-2.18.2-1.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:21 PM CEST Last Seen Wed 11 Jul 2007 09:39:21 PM CEST Local ID bd128ecf-0ef0-4a9b-9019-06b8d3cf3efc Line Numbers Raw Audit Messages avc: denied { create } for comm="mapping-daemon" egid=500 euid=500 exe="/usr/libexec/mapping-daemon" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="virtual-jeroen.H0vMIQ" pid=3242 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=dir tcontext=user_u:object_r:samba_share_t:s0 tty=(none) uid=500 Summary SELinux is preventing access to files with the label, file_t. Detailed Description SELinux permission checks on files labeled file_t are being denied. file_t is the context the SELinux kernel gives to files that do not have a label. This indicates a serious labeling problem. No files on an SELinux box should ever be labeled file_t. If you have just added a new disk drive to the system you can relabel it using the restorecon command. Otherwise you should relabel the entire files system. Allowing Access You can execute the following command as root to relabel your computer system: "touch /.autorelabel; reboot" Additional Information Source Context user_u:system_r:hotplug_t Target Context system_u:object_r:file_t Target Objects saved_state [ file ] Affected RPM Packages GConf2-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.file Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:43 PM CEST Last Seen Wed 11 Jul 2007 09:39:43 PM CEST Local ID 66ff25df-6268-463f-8630-901e8cb4babd Line Numbers Raw Audit Messages avc: denied { rename } for comm="gconfd-2" dev=dm-0 egid=500 euid=500 exe="/usr/libexec/gconfd-2" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="saved_state" pid=3160 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=file tcontext=system_u:object_r:file_t:s0 tty=(none) uid=500 Summary SELinux is preventing the /usr/libexec/gconfd-2 from using potentially mislabeled files (saved_state.tmp). Detailed Description SELinux has denied /usr/libexec/gconfd-2 access to potentially mislabeled file(s) (saved_state.tmp). This means that SELinux will not allow /usr/libexec/gconfd-2 to use these files. It is common for users to edit files in their home directory or tmp directories and then move (mv) them to system directories. The problem is that the files end up with the wrong file context which confined applications are not allowed to access. Allowing Access If you want /usr/libexec/gconfd-2 to access this files, you need to relabel them using restorecon -v saved_state.tmp. You might want to relabel the entire directory using restorecon -R -v . Additional Information Source Context user_u:system_r:hotplug_t Target Context user_u:object_r:user_home_t Target Objects saved_state.tmp [ file ] Affected RPM Packages GConf2-2.18.0.1-2.fc7 [application] Policy RPM selinux-policy-2.6.4-25.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.home_tmp_bad_labels Host Name living.lankheet.com Platform Linux living.lankheet.com 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Wed 11 Jul 2007 09:39:43 PM CEST Last Seen Wed 11 Jul 2007 09:39:43 PM CEST Local ID 0d59b62d-1bed-40f3-b0f8-18a3888128a4 Line Numbers Raw Audit Messages avc: denied { rename } for comm="gconfd-2" dev=dm-0 egid=500 euid=500 exe="/usr/libexec/gconfd-2" exit=0 fsgid=500 fsuid=500 gid=500 items=0 name="saved_state.tmp" pid=3160 scontext=user_u:system_r:hotplug_t:s0 sgid=500 subj=user_u:system_r:hotplug_t:s0 suid=500 tclass=file tcontext=user_u:object_r:user_home_t:s0 tty=(none) uid=500