hald_acl_t AVC

Tom London selinux at gmail.com
Fri Dec 7 20:32:44 UTC 2007


Seeing this after some updates today (enforcing):

#============= hald_acl_t ==============
allow hald_acl_t self:fifo_file write;

type=AVC msg=audit(1197057157.993:94): avc:  denied  { write } for
pid=11138 comm="polkit-read-aut" path="pipe:[79635]" dev=pipefs
ino=79635 scontext=system_u:system_r:hald_acl_t:s0
tcontext=system_u:system_r:hald_acl_t:s0 tclass=fifo_file
type=SYSCALL msg=audit(1197057157.993:94): arch=40000003 syscall=4
success=no exit=-13 a0=1 a1=bfea83c8 a2=9 a3=9 items=0 ppid=11123
pid=11138 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=87
sgid=87 fsgid=87 tty=(none) comm="polkit-read-aut"
exe="/usr/libexec/polkit-read-auth-helper"
subj=system_u:system_r:hald_acl_t:s0 key=(null)
type=USER_ACCT msg=audit(1197057661.316:95): user pid=11508 uid=0
auid=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023
msg='op=PAM:accounting acct=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron res=success)'


-- 
Tom London




More information about the fedora-selinux-list mailing list