gconf alert

Valent Turkovic valent.turkovic at gmail.com
Sat Mar 22 12:55:51 UTC 2008


On Sat, Mar 22, 2008 at 1:55 PM, Valent Turkovic
<valent.turkovic at gmail.com> wrote:
>
> On Sat, Mar 22, 2008 at 12:14 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
>  >
>  > -----BEGIN PGP SIGNED MESSAGE-----
>  >  Hash: SHA1
>  >
>  >  Valent Turkovic wrote:
>  >  > On Sat, Mar 22, 2008 at 12:20 AM, Daniel J Walsh <dwalsh at redhat.com> wrote:
>  >  >> -----BEGIN PGP SIGNED MESSAGE-----
>  >  >>  Hash: SHA1
>  >  >>
>  >  >>
>  >  >>  Valent Turkovic wrote:
>  >  >>  > Hi.
>  >  >>  >
>  >  >>  > I'm seeing lots of these alerts in rawhide.
>  >  >>  > Is this "normal" or is it a gnome or selinux issue or is my system problematic?
>  >  >>  >
>  >  >>  > Valent.
>  >  >>  >
>  >  >>  >
>  >  >>  >
>  >  >>  > ------------------------------------------------------------------------
>  >  >>  >
>  >  >>  > --
>  >  >>  > fedora-selinux-list mailing list
>  >  >>  > fedora-selinux-list at redhat.com
>  >  >>  > https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>  >  >>  Well you are logging in as root via XWindows which is not a good idea
>  >  >>  and we do not plan to fix the policy for this.  Since it is such a bad
>  >  >>  idea, and would break any security we have tried to add to SELinux to
>  >  >>  eliminate the AVC.  You also setup the user to login via user_t?
>  >  >>  -----BEGIN PGP SIGNATURE-----
>  >  >>  Version: GnuPG v1.4.8 (GNU/Linux)
>  >  >>  Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>  >  >>
>  >  >>  iEYEARECAAYFAkfkQtAACgkQrlYvE4MpobMhRACeJ9srkML85WxzUU6DVBtEPMS9
>  >  >>  Uw0AoLqLWJUxIzTk79o7Tn4ybDSKRsE8
>  >  >>  =z7RQ
>  >  >>  -----END PGP SIGNATURE-----
>  >  >>
>  >  >
>  >  >
>  >  > I'm not logging in as root to gnome.
>  >  >
>  >  > Valent
>  >  > .
>  >  >
>  >  Well the AVC says
>  >
>  >  host=valent.lan type=AVC msg=audit(1206099072.482:443): avc:  denied  {
>  >  rename } for  pid=13738 comm="gconfd-2" name="saved_state.tmp" dev=sda9
>  >  ino=865370 scontext=user_u:user_r:user_t:s0
>  >  tcontext=user_u:object_r:admin_home_t:s0 tclass=file
>  >
>  >  host=valent.lan type=SYSCALL msg=audit(1206099072.482:443):
>  >  arch=40000003 syscall=38 success=yes exit=0 a0=9f59b20 a1=9f57118 a2=0
>  >  a3=5 items=0 ppid=1 pid=13738 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0
>  >  egid=0 sgid=0 fsgid=0 tty=(none) ses=4 comm="gconfd-2"
>  >  exe="/usr/libexec/gconfd-2" subj=user_u:user_r:user_t:s0 key=(null)
>  >
>  >
>  >  admin_home_t is the label of /root
>  >
>  >  So either  you have a labeling problem or you have gconfd-2 trying to
>  >  relabel saved_state.tmp which is labeled the root directory label
>  >  admin_home_t
>  >
>  > -----BEGIN PGP SIGNATURE-----
>  >  Version: GnuPG v1.4.8 (GNU/Linux)
>  >  Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>  >
>  >  iEYEARECAAYFAkfk6gAACgkQrlYvE4MpobMAXwCg2YpVaswVCQVI7kSuOUk+CgDN
>  >  JWMAoIHx0BNqxOdbUKGsA1ruGBTlYvin
>  >  =F+6B
>  >  -----END PGP SIGNATURE-----
>  >
>
>
>  I relabeled my system 2 times in last few days and I'm not running as
>  gmome as root. I don't know why I'm seeing this alert and that is why
>  I'm sending you this email.
>
>
>
>  Valent.
>
>  --
>  http://kernelreloaded.blog385.com/
>  linux, blog, anime, spirituality, windsurf, wireless
>  registered as user #367004 with the Linux Counter, http://counter.li.org.
>  ICQ: 2125241, Skype: valent.turkovic
>


I'm seeing it in F8 and also in F9 Beta
.

-- 
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic




More information about the fedora-selinux-list mailing list