Bug 123275
| Summary: | policy prevents starting Maelstrom | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Fred New <fred.new2911> | ||||
| Component: | policy | Assignee: | Daniel Walsh <dwalsh> | ||||
| Status: | CLOSED RAWHIDE | QA Contact: | Ben Levenson <benl> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | rawhide | CC: | pgraner | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | i386 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2004-06-14 21:13:49 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 100247 [details]
Relevant avc messages in /var/log/messages
Does it work it you do a chcon system_u:object_r:games_exec_t /usr/bin/Maelstrom? Dan Yes, the game starts. I still see the following at the tail of
/var/log/messages (enforcing mode):
May 17 18:32:53 kuldar kernel: audit(1084807973.226:0): avc: denied
{ getattr } for pid=2538 exe=/usr/bin/Maelstrom
path=/dev/input/event0 dev=hda3 ino=418065
scontext=user_u:user_r:user_games_t
tcontext=system_u:object_r:event_device_t tclass=chr_file
May 17 18:32:53 kuldar kernel: audit(1084807973.235:0): avc: denied
{ getattr } for pid=2538 exe=/usr/bin/Maelstrom path=/dev/input/js0
dev=hda3 ino=418097 scontext=user_u:user_r:user_games_t
tcontext=system_u:object_r:mouse_device_t tclass=chr_file
May 17 18:32:53 kuldar kernel: audit(1084807973.290:0): avc: denied
{ getattr } for pid=2538 exe=/usr/bin/Maelstrom path=/dev/input/js0
dev=hda3 ino=418097 scontext=user_u:user_r:user_games_t
tcontext=system_u:object_r:mouse_device_t tclass=chr_file
May 17 18:32:53 kuldar kernel: audit(1084807973.509:0): avc: denied
{ read } for pid=2538 exe=/usr/bin/Maelstrom name=cmdline dev=
ino=166330380 scontext=user_u:user_r:user_games_t
tcontext=user_u:user_r:user_games_t tclass=file
selinux-policy-strict-1.13.2-7.src.rpm |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040404 Firefox/0.8 Description of problem: I am unable to start Maelstrom in enforcing mode. Going to permissive mode allows Maelstrom to start. Version-Release number of selected component (if applicable): policy-1.11.3-3 How reproducible: Always Steps to Reproduce: 1. Boot the system in enforcing mode. 2. Log into Gnome. 3. Try starting Maelstrom Actual Results: There is a brief amount of disk activity followed by nothing. Expected Results: That the Maelstrom window appears and I can start playing. Additional info: