console-kit-domain
Tom London
selinux at gmail.com
Thu Jan 25 00:39:27 UTC 2007
Running latest rawhide, targeted/enforcing.
'console-kit-daemon' is running as initrc_t.
I'm getting the following AVC:
type=USER_AVC msg=audit(1169660835.581:34): user pid=2558 uid=81
auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc:
denied { send_msg } for msgtype=method_call
interface=org.freedesktop.ConsoleKit.Manager
member=OpenSessionWithParameters dest=org.freedesktop.ConsoleKit
spid=3363 tpid=3018 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:system_r:initrc_t:s0 tclass=dbus :
exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
[root at localhost ~]# ls -lZ /usr/sbin/console*
-rwxr-xr-x root root system_u:object_r:sbin_t
/usr/sbin/console-kit-daemon
[root at localhost ~]#
Should /usr/sbin/console-kit-daemon be xdm_exec_t ?
tom
[Not sure how to BZ this.... ConsoleKit package is not listed in bugzilla.]
--
Tom London
More information about the fedora-selinux-list
mailing list