Bug 120436

Summary: selinux avc: denied errors on shutdown and/or reboot
Product: [Fedora] Fedora
Reporter: Lynda Sweetman <lsweetman>
Component: apmd
Assignee: Bill Nottingham <notting>
Status: CLOSED WORKSFORME
Severity: medium
Priority: medium
Version: rawhide
CC: barryn, dwalsh, rvokal
Keywords: SELinux
Hardware: i686
OS: Linux
Doc Type: Bug Fix
Last Closed: 2005-02-02 22:59:44 UTC
Bug Blocks: 136451
Attachments (description; flags):
1. cat /var/log/messages | grep avc (from the last shutdown); flags: none
2. cat /var/log/messages | grep avc; flags: none
3. rpm -qa --last > install_history.txt (edited file for recently updated packages); flags: none

Description Lynda Sweetman 2004-04-08 19:40:29 UTC
Description of problem: apmd is denied getattr and read access to files
and links during shutdown and reboot.

Version-Release number of selected component (if applicable):
policy-1.10.1-4; policy-sources-1.10.1-4; libselinux-1.10-2;
apmd-3.0.2-21.

How reproducible: SELinux is in permissive mode; happens every time I
shut down or reboot.

Steps to Reproduce:
1. Log out of X
2. Choose "reboot" or "shutdown" from graphical login screen
3. Go for it

Actual results: Lots of avc: denied errors on screen, then
shutdown/reboot proceeds normally.

Expected results: Hopefully, an SELinux policy that will allow me to use
enforcing mode.


Additional info:

Comment 1 Lynda Sweetman 2004-04-08 19:49:06 UTC
Created attachment 99246
cat /var/log/messages | grep avc (from the last shutdown)

I ran audit2allow -d on this, but am still clueless on how to rewrite policy.
Is there a good reference for audit2allow? I don't find much on it.

Comment 2 Bill Nottingham 2004-04-08 20:01:40 UTC
Odd, not sure why killall is getting run from that context.


Comment 3 Daniel Walsh 2004-04-08 20:18:39 UTC
I think this is the pidof call that is causing this?


Dan

Comment 4 scott white 2004-04-15 12:30:25 UTC
Created attachment 99443
cat /var/log/messages | grep avc

Comment 5 scott white 2004-04-15 12:40:17 UTC
I also started getting these messages after updating some packages.
However, now I cannot log in as anyone but root. Logging in as anyone
else spits me back out to the login screen. Before updating the
packages, everything was fine. I'll post a list of what I updated.

scott

Comment 6 scott white 2004-04-15 12:42:24 UTC
Created attachment 99444
rpm -qa --last > install_history.txt (edited file for recently updated packages)

Comment 7 Bill Nottingham 2004-04-15 18:36:11 UTC
kernel_t implies your policy and/or labelling is screwed up.

Comment 8 Bill Nottingham 2004-05-04 05:13:35 UTC
Does this persist with current trees?

Comment 9 Lynda Sweetman 2004-05-04 10:02:57 UTC
I simply turned off apmd in chkconfig. I don't really need it.

Comment 10 Net Nut 2004-07-16 17:38:14 UTC
I have seen this on two different fc2 machines (one laptop and one
desktop); both were upgrades from fc1, but I have two other fc2
machines that don't show these symptoms.

Comment 11 Bill Nottingham 2004-10-13 04:18:18 UTC
Please test with FC3 test.

Comment 12 Bill Nottingham 2005-02-02 22:59:44 UTC
Closing, no response.