gnome-power-manager disappears if selinux enabled [AGAIN]

Daniel J Walsh dwalsh at redhat.com
Wed Jan 25 17:03:32 UTC 2006 

Justin Conover wrote:
>
>
> On 1/23/06, *Justin Conover* <justin.conover at gmail.com 
> <mailto:justin.conover at gmail.com>> wrote:
>
>
>
>     On 1/23/06, *Justin Conover* < justin.conover at gmail.com
>     <mailto:justin.conover at gmail.com>> wrote:
>
>
>
>         On 1/23/06, *Daniel J Walsh* < dwalsh at redhat.com
>         <mailto:dwalsh at redhat.com>> wrote:
>
>             Justin Conover wrote:
>             >
>             >
>             > On 1/23/06, *Daniel J Walsh* <dwalsh at redhat.com
>             <mailto:dwalsh at redhat.com>
>             > <mailto: dwalsh at redhat.com <mailto:dwalsh at redhat.com>>>
>             wrote:
>             >
>             >     Roger Grosswiler wrote:
>             >     > this is after todays update:
>             >     >
>             >     >
>             >     > allow hald_t automount_tmp_t:dir getattr;
>             >     > allow hald_t boot_t:dir getattr;
>             >     > allow hald_t home_root_t:dir search;
>             >     > allow hald_t initctl_t:fifo_file write;
>             >     > allow hald_t initrc_var_run_t:file lock;
>             >     > allow hald_t mnt_t:dir read;
>             >     > allow hald_t mnt_t:file write;
>             >     > allow hald_t sysctl_fs_t:dir search;
>             >     > allow hald_t usr_t:file execute;
>             >     > allow hald_t var_lib_nfs_t:dir search;
>             >     >
>             >     >
>             >     > ...and again if selinux==enforced then no g-p-m
>             >     >
>             >     > Rog
>             >     >
>             >     >
>             >     What version of policy are you running?
>             >
>             >     Latest version is supposed to allow hald to have full
>             control over
>             >     mnt.
>             >     The usr_t:file execute sounds like a mislabled file
>             which should have
>             >     been fixed by the latest policy also.
>             >
>             >
>             >     --
>             >     fedora-test-list mailing list
>             >     fedora-test-list at redhat.com
>             <mailto:fedora-test-list at redhat.com>
>             <mailto:fedora-test-list at redhat.com
>             <mailto:fedora-test-list at redhat.com>>
>             >     To unsubscribe:
>             >     https://www.redhat.com/mailman/listinfo/fedora-test-list
>             >
>             >
>             >
>             > rpm -qa *\policy\*
>             > selinux-policy-targeted-2.2.2-1
>             > selinux-policy-2.2.2-1
>             > policycoreutils-1.29.9-2
>             >
>             > Same problem.
>             Please attach the audit.log that caused these messages.
>
>             --
>             fedora-test-list mailing list
>             fedora-test-list at redhat.com
>             <mailto:fedora-test-list at redhat.com>
>             To unsubscribe:
>             https://www.redhat.com/mailman/listinfo/fedora-test-list
>
>
>
>          justin at kainos:~$ gnome-power-manager
>
>         ** (gnome-power-manager:23679): WARNING **: main: An SELinux
>         policy prevents this sender from sending this message to this
>         recipient (rejected message had interface "
>         org.freedesktop.DBus" member "Hello" error name "(unset)"
>         destination "org.freedesktop.DBus")
>
>         ** ERROR **: This program cannot start until you start the
>         dbussystem daemon
>         This is usually started in initscripts, and is usually called
>         messagebus
>         It is STRONGLY recommended you reboot your compterafter
>         restarting messagebus
>
>
>         aborting...
>
>         (gnome_segv:23680): Gtk-WARNING **: Theme directory
>         16x16/status16x16/stock/chart of theme gnome has no size field
>
>
>
>     (gdb) bt
>     #0  0x007eab89 in g_logv () from /usr/lib/libglib-2.0.so.0
>     #1  0x007eae47 in g_log () from /usr/lib/libglib-2.0.so.0
>     #2  0x0804eb8a in ?? ()
>     #3  0x006696b4 in __libc_start_main () from /lib/libc.so.6
>     #4  0x0804c0d1 in ?? ()
>
>
>
> [root at kainos ~]# gnome-power-manager
>
> ** (gnome-power-manager:2894): WARNING **: main: Unable to determine 
> the address of the message bus
>
> ** ERROR **: This program cannot start until you start the dbus 
> session daemon
> This is usually started in X or gnome startup (depending on distro)
> You can launch the session dbus-daemon manually with this command:
> eval `dbus-launch --auto-syntax`
>
> aborting...
>
> (gnome_segv:2897): Gtk-WARNING **: Theme directory 
> 16x16/status16x16/stock/chart of theme gnome has no size field
>
> [root at kainos ~]# /etc/init.d/haldaemon status
> hald (pid 2480) is running...
>
>
> [root at kainos audit]# grep pid=2480 audit.log
> type=USER_AVC msg=audit(1138046588.888:70): user pid=2449 uid=81 
> auid=4294967295 msg='avc:  denied  { acquire_svc } for service= 
> org.freedesktop.Hal spid=2480 scontext=system_u:system_r:hald_t 
> tcontext=system_u:system_r:initrc_t tclass=dbus : exe="?" (sauid=81, 
> hostname=?, addr=?, terminal=?)'
>
Fixed in selinux-policy-targeted-2.2.5-1 available on
ftp://people.redhat.com/dwalsh/SELinux/Fedora

Or from rawhide tomorrow.

More information about the fedora-test-list mailing list