SELinux is preventing /usr/bin/Xorg (xdm_xserver_t) "unix_read unix_write" to <Unknown> (wine_t).

Daniel J Walsh dwalsh at redhat.com
Fri Sep 21 13:20:16 UTC 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Antonio Olivares wrote:
> Are any of the testers still seeing this after the updates?
> 
> Summary
>     SELinux is preventing /usr/bin/Xorg (xdm_xserver_t) "unix_read unix_write"
>     to <Unknown> (wine_t).
> 
> Detailed Description
>     SELinux denied access requested by /usr/bin/Xorg. It is not expected that
>     this access is required by /usr/bin/Xorg and this access may signal an
>     intrusion attempt. It is also possible that the specific version or
>     configuration of the application is causing it to require additional access.
> 
> Allowing Access
>     You can generate a local policy module to allow this access - see
>     http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable
>     SELinux protection altogether. Disabling SELinux protection is not
>     recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
>     against this package.
> 
> Additional Information        
> 
> Source Context                system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023
> Target Context                system_u:system_r:wine_t:s0
> Target Objects                None [ shm ]
> Affected RPM Packages         xorg-x11-server-Xorg-1.3.0.0-24.fc8 [application]
> Policy RPM                    selinux-policy-3.0.8-2.fc8
> Selinux Enabled               True
> Policy Type                   targeted
> MLS Enabled                   True
> Enforcing Mode                Enforcing
> Plugin Name                   plugins.catchall
> Host Name                     localhost.localdomain
> Platform                      Linux localhost.localdomain
>                               2.6.23-0.187.rc6.git7.fc8 #1 SMP Tue Sep 18
>                               18:05:52 EDT 2007 i686 i686
> Alert Count                   122
> First Seen                    Fri 21 Sep 2007 08:05:30 AM CDT
> Last Seen                     Fri 21 Sep 2007 08:06:41 AM CDT
> Local ID                      0ccdd94f-6b5d-4d1c-a03c-90f450f7d265
> Line Numbers                  
> 
> Raw Audit Messages            
> 
> avc: denied { unix_read, unix_write } for comm=X egid=0 euid=0 exe=/usr/bin/Xorg
> exit=-13 fsgid=0 fsuid=0 gid=0 items=0 pid=2484
> scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 sgid=0
> subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 suid=0 tclass=shm
> tcontext=system_u:system_r:wine_t:s0 tty=tty7 uid=0
> 
> 
> 
> 
> Regards,
> 
> Antonio 
> 
> 
> 
> 
>        
> ____________________________________________________________________________________
> Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! Answers - Check it out.
> http://answers.yahoo.com/dir/?link=list&sid=396545469
> 
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Should be fixed in today's rawhide.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFG88UPrlYvE4MpobMRAkMlAJ4qplZJukXhywqt+ogt2Rw6FAZJ4gCfZXSq
4Ueq2ba7hGetrPYRLLCe8K4=
=lwu7
-----END PGP SIGNATURE-----

More information about the fedora-test-list mailing list