Bug 119581

Summary: screen reports Permission denied
Product: [Fedora] Fedora Reporter: Gregory Gulik <greg>
Component: screenAssignee: Daniel Reed <djr>
Status: CLOSED CURRENTRELEASE QA Contact: Brock Organ <borgan>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: dwalsh, twaugh
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-11-06 18:17:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 122683    
Attachments:
Description Flags
SELinux audit2allow output (what screen can't access) none

Description Gregory Gulik 2004-03-31 15:47:50 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040124

Description of problem:
When running the screen program as a regular user I get the following
error:
[greg@dell8100 greg]$ screen
Cannot make directory '/tmp/uscreens': Permission denied

Version-Release number of selected component (if applicable):
screen-4.14-3

How reproducible:
Always

Steps to Reproduce:
1. Log in
2. Open Terminal
3. Type "screen"
    

Actual Results:  [greg@dell8100 greg]$ screen
Cannot make directory '/tmp/uscreens': Permission denied

Expected Results:  Screen should start up.

Additional info:

Does not run as "root" either.
Comment 1 Daniel Reed 2004-04-01 21:24:28 UTC 
Please paste the output of: rpm -q --whatprovides `which screen`

There is no upstream version 4.14, nor am I seeing anything tagged as
4.14-3 internally. Also, our screen package should be using ~/.screen/
for its socket directory, not /tmp/uscreens/.
Comment 2 Gregory Gulik 2004-04-01 21:33:56 UTC 
Sorry, the version number was a typo.  Here is the correct information:

[greg@dell8100 greg]$ rpm -q --whatprovides `which screen`
screen-4.0.1-4
[greg@dell8100 greg]$ uname -a
Linux dell8100 2.6.3-2.1.253.2.1 #1 Fri Mar 12 14:01:55 EST 2004 i686
i686 i386 GNU/Linux
[greg@dell8100 greg]$ screen
Cannot make directory '/tmp/screens': Permission denied

This was a fresh install on a spare hard drive.
Comment 3 Lon Hohberger 2004-04-01 22:49:23 UTC 
Created attachment 99054 [details]
SELinux audit2allow output (what screen can't access)

This appears to be a policy issue with SELinux.  For now, you can type (as
root:sysadm_r:sysadm_t): "setenforce 0" to get screen running.
Comment 4 Lon Hohberger 2004-04-01 22:49:54 UTC 
Obvious note: ignore xdm_t line.
Comment 5 Tim Waugh 2004-04-03 11:12:04 UTC 
Adding 'tmp_domain($1_screen)' to macros/program/screen_macros.te gets
further:

$ screen
audit(1080990982.120:0): avc:  denied  { read } for  pid=3266
exe=/usr/bin/screen name=xterm dev=hdb1 ino=1171500
scontext=user_u:user_r:user_screen_t tcontext=system_u:object_r:usr_t
tclass=file
Cannot find terminfo entry for 'xterm'.

Perhaps this is /usr/share/terminfo/x/xterm?
Comment 6 Tim Waugh 2004-04-03 11:16:10 UTC 
Adding 'allow $1_screen_t usr_t:file { read };' to
macros/program/screen_macros.te fixes this, and makes screen start up
with no problems.

Don't know if terminfo files should have any special file contexts.
Comment 7 Daniel Walsh 2004-04-03 13:09:36 UTC 
Added fixes in policy-1.9.2-10.

Lon lets sit down on Monday and work our way through the rest of these.


Dan
Comment 8 Daniel Reed 2004-11-06 18:17:04 UTC 
Please reopen if you are still having difficulties. Thanks.