Re: SELinux Admin newbie question

Dominick Grift wrote: > On 03/04/2010 07:14 PM, Temlakos wrote: > > > >> Anyway--in case I have to use that installer again, as I think I might, >> I'd like to have somebody go over those alerts--because they /have/ to >> be related, somehow. Here they are again: >> >> > Just a comment: > > ausearch -m avc -ts ... does not show all denials in > /var/log/audit/audit.log > > There could also be user space AVC denials present which can be listed with: > > ausearch -m user_avc -ts ... > > In some rare cases sone AVC denials may end up in dmesg and/or > /var/log/messages. > > Unfortunately i do not see anything in your enclosed AVC denials that i > suspect may be related to your issue. Hopefully someone else does. > > > Well, I just tried searching on user_avc, even after un-hiding the alerts. Result: <no matches> So what I submitted, has to be it. But: might this have anything to do with it? I'm using KDE now, and one of the things that the installer had to do was to get into KWallet, and for that the system asked for my KWallet password, which I gave. I'm new to KDE, and I'm surprised that I didn't use it earlier. KDE has an automatic package installer that has already made my life a lot simpler, and when I realized that I was using a lot of KDE-specific apps, KDE was the logical choice. But maybe KDE has some subtleties that occasionally create a security problem in a security-enhanced environment. Temlakos -- selinux mailing list selinux(a)lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux