Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 117115
Summary: | Problem running programs what need root privileges as normal user in X | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Vaclav "sHINOBI" Misek <misek> |
Component: | policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED RAWHIDE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | bmillett, ronny-rhbugzilla, schwandter+bugs |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | athlon | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2004-04-04 20:38:06 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Vaclav "sHINOBI" Misek
2004-02-28 19:52:35 UTC
The long list of avc denied messages when trying to start programs with consolehelper avc: denied { read } for pid=5899 exe=/usr/bin/consolehelper-gtk name=.Xauthority dev=hda3 ino=543620 scontext=user_u:user_r:user_t tcontext=system_u:object_r:home_root_t tclass=file avc: denied { getattr } for pid=5899 exe=/usr/bin/consolehelper-gtk path=/home/ronny/.Xauthority dev=hda3 ino=543620 scontext=user_u:user_r:user_t tcontext=system_u:object_r:home_root_t tclass=file avc: denied { read } for pid=5899 exe=/usr/bin/consolehelper-gtk name=.fonts.cache-1 dev=hda3 ino=543665 scontext=user_u:user_r:user_t tcontext=user_u:object_r:home_root_t tclass=file avc: denied { getattr } for pid=5899 exe=/usr/bin/consolehelper-gtk path=/home/ronny/.fonts.cache-1 dev=hda3 ino=543665 scontext=user_u:user_r:user_t tcontext=user_u:object_r:home_root_t tclass=file avc: denied { create } for pid=5899 exe=/usr/bin/consolehelper-gtk name=.fonts.cache-1.TMP-j1tcYs scontext=user_u:user_r:user_t tcontext=user_u:object_r:home_root_t tclass=file avc: denied { write } for pid=5899 exe=/usr/bin/consolehelper-gtk path=/home/ronny/.fonts.cache-1.TMP-j1tcYs dev=hda3 ino=543664 scontext=user_u:user_r:user_t tcontext=user_u:object_r:home_root_t tclass=file avc: denied { link } for pid=5899 exe=/usr/bin/consolehelper-gtk name=.fonts.cache-1.TMP-j1tcYs dev=hda3 ino=543664 scontext=user_u:user_r:user_t tcontext=user_u:object_r:home_root_t tclass=file avc: denied { unlink } for pid=5899 exe=/usr/bin/consolehelper-gtk name=.fonts.cache-1.TMP-j1tcYs dev=hda3 ino=543664 scontext=user_u:user_r:user_t tcontext=user_u:object_r:home_root_t tclass=file avc: denied { rename } for pid=5899 exe=/usr/bin/consolehelper-gtk name=.fonts.cache-1.NEW dev=hda3 ino=543666 scontext=user_u:user_r:user_t tcontext=user_u:object_r:home_root_t tclass=file avc: denied { write } for pid=5901 exe=/usr/X11R6/bin/xauth name=ronny dev=hda3 ino=543603 scontext=user_u:user_r:userhelper_t tcontext=system_u:object_r:home_root_t tclass=dir avc: denied { add_name } for pid=5901 exe=/usr/X11R6/bin/xauth name=.Xauthority-c scontext=user_u:user_r:userhelper_t tcontext=system_u:object_r:home_root_t tclass=dir avc: denied { create } for pid=5901 exe=/usr/X11R6/bin/xauth name=.Xauthority-c scontext=user_u:user_r:userhelper_t tcontext=user_u:object_r:home_root_t tclass=file avc: denied { link } for pid=5901 exe=/usr/X11R6/bin/xauth name=.Xauthority-c dev=hda3 ino=543664 scontext=user_u:user_r:userhelper_t tcontext=user_u:object_r:home_root_t tclass=file avc: denied { write } for pid=5901 exe=/usr/X11R6/bin/xauth name=.Xauthority dev=hda3 ino=543620 scontext=user_u:user_r:userhelper_t tcontext=system_u:object_r:home_root_t tclass=file avc: denied { read } for pid=5901 exe=/usr/X11R6/bin/xauth name=.Xauthority dev=hda3 ino=543620 scontext=user_u:user_r:userhelper_t tcontext=system_u:object_r:home_root_t tclass=file avc: denied { getattr } for pid=5901 exe=/usr/X11R6/bin/xauth path=/home/ronny/.Xauthority dev=hda3 ino=543620 scontext=user_u:user_r:userhelper_t tcontext=system_u:object_r:home_root_t tclass=file avc: denied { remove_name } for pid=5901 exe=/usr/X11R6/bin/xauth name=.Xauthority-c dev=hda3 ino=543664 scontext=user_u:user_r:userhelper_t tcontext=system_u:object_r:home_root_t tclass=dir avc: denied { unlink } for pid=5901 exe=/usr/X11R6/bin/xauth name=.Xauthority-c dev=hda3 ino=543664 scontext=user_u:user_r:userhelper_t tcontext=user_u:object_r:home_root_t tclass=file avc: denied { create } for pid=5900 exe=/usr/sbin/userhelper name=.xauthCfdwAA scontext=user_u:user_r:userhelper_t tcontext=user_u:object_r:sysadm_home_dir_t tclass=file avc: denied { setattr } for pid=5900 exe=/usr/sbin/userhelper name=.xauthCfdwAA dev=hda3 ino=227160 scontext=user_u:user_r:userhelper_t tcontext=user_u:object_r:sysadm_home_dir_t tclass=file avc: denied { link } for pid=5902 exe=/usr/X11R6/bin/xauth name=.xauthCfdwAA-c dev=hda3 ino=227161 scontext=user_u:user_r:userhelper_t tcontext=user_u:object_r:sysadm_home_dir_t tclass=file avc: denied { write } for pid=5902 exe=/usr/X11R6/bin/xauth name=.xauthCfdwAA dev=hda3 ino=227160 scontext=user_u:user_r:userhelper_t tcontext=user_u:object_r:sysadm_home_dir_t tclass=file avc: denied { read } for pid=5902 exe=/usr/X11R6/bin/xauth name=.xauthCfdwAA dev=hda3 ino=227160 scontext=user_u:user_r:userhelper_t tcontext=user_u:object_r:sysadm_home_dir_t tclass=file avc: denied { getattr } for pid=5902 exe=/usr/X11R6/bin/xauth path=/root/.xauthCfdwAA dev=hda3 ino=227160 scontext=user_u:user_r:userhelper_t tcontext=user_u:object_r:sysadm_home_dir_t tclass=file avc: denied { unlink } for pid=5902 exe=/usr/X11R6/bin/xauth name=.xauthCfdwAA dev=hda3 ino=227160 scontext=user_u:user_r:userhelper_t tcontext=user_u:object_r:sysadm_home_dir_t tclass=file *** Bug 117200 has been marked as a duplicate of this bug. *** Fixed in policy-1.9-18.src.rpm Hmm, strange, I'm still observing the same behavior with updated system to rawhide from 1st April (policy-1.9.2-1). I tried to run fixfiles relabel and then reboot without any change. You need to upgrade the version of usermode to 1.70-2 If you want to run up2date, that also needs an update. Dan Yes, this issue seems to be resolved, therefore I'm closing it with Rawhide |