trying to understand SELinux message
Paul Allen Newell
pnewell at cs.cmu.edu
Mon Nov 16 06:20:04 UTC 2009
Mr. Teo En Ming (Zhang Enming) wrote:
> On Mon, Nov 16, 2009 at 2:01 PM, Paul Allen Newell <pnewell at cs.cmu.edu> wrote:
>
>>
>
> Hi Paul,
>
> <QUOTE>
> Summary:
>
> SELinux is preventing the gdm-session-wor from using potentially mislabeled
> files (.dmrc).
>
> Detailed Description:
>
> SELinux has denied gdm-session-wor access to potentially mislabeled file(s)
> (.dmrc). This means that SELinux will not allow gdm-session-wor to use these
> files. It is common for users to edit files in their home directory or tmp
> directories and then move (mv) them to system directories. The problem is that
> the files end up with the wrong file context which confined applications are not
> allowed to access.
>
> Allowing Access:
>
> If you want gdm-session-wor to access this files, you need to relabel them using
> restorecon -v '.dmrc'. You might want to relabel the entire directory using
> restorecon -R -v ''.
>
> </QUOTE>
>
> Link: http://osdir.com/ml/fedora-selinux/2009-02/msg00111.html
>
>
> You can execute the following command as root to solve your problem.
>
> # restorecon -R -v /root
>
> It should stop the AVC messages from popping up.
>
>
Thank you very much for finding this. That being said, my head hurts
after reading it as I am not certain what a large part of it means. But
I do know that I probably moved at least one file in from my personal
account and so it kinda makes sense.
Let me re-read after a night's sleep and see if this, plus your link,
makes more sense then.
That being said, what the "word-of-your-choice" is "gdm-session-wor" ???
Paul
More information about the fedora-list
mailing list