Bug 120303
Summary: | tvtime broken because of policy | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | lupus <de_lupus> |
Component: | policy | Assignee: | Russell Coker <rcoker> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Ben Levenson <benl> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | billy.biggs, dwalsh, than |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | 1.25.4-10.1 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-09-15 15:58:14 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
lupus
2004-04-07 17:08:24 UTC
Fixed in policy-1.11.1-1 audit(1082569152.619:0): avc: denied { ioctl } for pid=2115 exe=/usr/bin/tvtime path=/dev/video0 dev=hda3 ino=190244 scontext=user_u:user_r:user_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file still broken Ok, could you change it to permissive mode and run the command and then give us the AVC messages. Dan audit(1083000151.939:0): avc: denied { read } for pid=2192 exe=/usr/bin/tvtime name=rtc dev=hda3 ino=184867 scontext=user_u:user_r:user_t tcontext=system_u:object_r:clock_device_t tclass=chr_file audit(1083000151.939:0): avc: denied { ioctl } for pid=2192 exe=/usr/bin/tvtime path=/dev/rtc dev=hda3 ino=184867 scontext=user_u:user_r:user_t tcontext=system_u:object_r:clock_device_t tclass=chr_file audit(1083000151.939:0): avc: denied { sys_resource } for pid=2192 exe=/usr/bin/tvtime capability=24 scontext=user_u:user_r:user_t tcontext=user_u:user_r:user_t tclass=capability audit(1083000151.939:0): avc: denied { setuid } for pid=2192 exe=/usr/bin/tvtime capability=7 scontext=user_u:user_r:user_t tcontext=user_u:user_r:user_t tclass=capability audit(1083000151.968:0): avc: denied { ioctl } for pid=2192 exe=/usr/bin/tvtime path=/dev/video0 dev=hda3 ino=190244 scontext=user_u:user_r:user_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file this is it Here is what I get on my vanilla FC2 installation : tvtime can not acces /dev/rtc and /dev/video0 : [stein@localhost stein]$ tvtime Running tvtime 0.9.12. rtctimer: Cannot open /dev/rtc: Permission denied rtctimer: Cannot open /dev/misc/rtc: No such file or directory Enhanced Real Time Clock support in your kernel is necessary for smooth video. We strongly recommend that you load the 'rtc' kernel module before starting tvtime, and make sure that your user has access to the device file (/dev/rtc or /dev/misc/rtc). See our support page at http://tvtime.net/ for more information. Reading configuration from /etc/tvtime/tvtime.xml Reading configuration from /home/stein/.tvtime/tvtime.xml videoinput: Cannot open capture device /dev/video0: Permission denied Thank you for using tvtime. [stein@localhost stein]$ rpm -q tvtime tvtime-0.9.12-5 Added new tvtime policy selinux-policy-strict-1.17.24-3 |