Also more avc denies - up2date
Bob Gustafson
bobgus at rcn.com
Mon May 10 18:51:03 UTC 2004
Also, when I try to run up2date from Gnome (started as user1) by clicking
on the toolbar icon -> then clicking on 'Open up2date', then putting in
root password in resulting dialog box, nothing happens after that
[user1 at hoho2 user1]$ dmesg | tail -2 ...
audit(1084213893.132:0): avc: denied { name_bind } for pid=3830
exe=/usr/X11R6/bin/Xorg scontext=user_u:user_r:user_xserver_t
tcontext=system_u:object_r:vnc_port_t tclass=tcp_socket
audit(1084213926.790:0): avc: denied { transition } for pid=3991
exe=/usr/sbin/userhelper path=/usr/sbin/up2date dev=sda2 ino=3845328
scontext=user_u:user_r:user_userhelper_t tcontext=root:sysadm_r:rpm_t
tclass=process
[user1 at hoho2 user1]$
However, if I open a terminal window and do 'setenforce 0', and then repeat
the above commands, the up2date splash opens and I can then go ahead and
download updates (if there are any).
It looks like the policy needs a tweek here, or maybe the problem is in Gnome?
BobG
More information about the fedora-selinux-list
mailing list