Bug 158965

Summary: Automatic ADSL connection during boot fails because of selinux
Product: [Fedora] Fedora
Reporter: Andreas Simon <andreas.w.simon>
Component: rp-pppoe
Assignee: Than Ngo <than>
Status: CLOSED CURRENTRELEASE
Severity: low
Priority: medium
Version: rawhide
CC: dwalsh, ronny-rhbugzilla
Hardware: i386   
OS: Linux   
Doc Type: Bug Fix
Last Closed: 2005-06-26 08:57:39 UTC

Description Andreas Simon 2005-05-27 07:26:08 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4

Description of problem:
I configured ADSL to connect during boot. This fails because of selinux errors.

Activating the connection with the system-config-network GUI or activating it with "system-config-network-cmd -a xDSL" via the command line after the system is booted works without problems.

It's just the automatic start during boot which fails.

Version-Release number of selected component (if applicable):
rp-pppoe-3.5-27

How reproducible:
Always

Steps to Reproduce:
1. Configure an ADSL (xDSL) connection with system-config-network.
2. Choose "Activate device when computer starts" for this network device
3. Boot
  

Actual Results:  During the boot there is a long timeout when the system tries to start the ADSL connection. Then [fail] is printed.

Expected Results:  Activate the ADSL connection.

Additional info:

Here are the related messages from /var/log/messages:

May 27 08:24:59 obsidian kernel: ip_tables: (C) 2000-2002 Netfilter core team
May 27 08:24:59 obsidian kernel: ip_conntrack version 2.1 (4095 buckets, 32760 max) - 272 bytes per conntrack
May 27 08:24:59 obsidian kernel: eth0: link up, 10Mbps, half-duplex, lpa 0x0021
May 27 08:24:59 obsidian kernel: CSLIP: code copyright 1989 Regents of the University of California
May 27 08:24:59 obsidian kernel: PPP generic driver version 2.4.2
May 27 08:24:59 obsidian kernel: audit(1117175032.481:3): avc:  denied  { read } for  pid=1839 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175032.481:4): avc:  denied  { read } for  pid=1839 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175032.481:5): avc:  denied  { read } for  pid=1839 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175037.513:6): avc:  denied  { read } for  pid=1857 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
...
...
...
May 27 08:24:59 obsidian kernel: audit(1117175097.783:42): avc:  denied  { read } for  pid=1994 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175097.783:43): avc:  denied  { read } for  pid=1994 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175097.783:44): avc:  denied  { read } for  pid=1994 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:25:01 obsidian kernel: parport: PnPBIOS parport detected.
May 27 08:25:01 obsidian kernel: parport0: PC-style at 0x378 (0x778), irq 7 [PCSPP,TRISTATE]
May 27 08:25:01 obsidian kernel: lp0: using parport0 (interrupt-driven).
May 27 08:25:01 obsidian kernel: lp0: console ready


The '...' means that the audit message is repeated many times, just with different pids.

Device "dm-0" (/dev/dm-0) is my root partition, an ext3 filesystem residing on an LVM volume (/dev/main_vg/root_lv).

Other info which may be interesting:
# ls -li /usr/sbin/pppoe
1318377 lrwxrwxrwx  1 root root 16 May 26 13:36 /usr/sbin/pppoe -> ../../sbin/pppoe
# ls -li /sbin/pppoe
622697 -rwxr-xr-x  1 root root 32424 Mar  7 18:32 /sbin/pppoe
# ls -Z /sbin/pppoe
-rwxr-xr-x  root     root     system_u:object_r:sbin_t         /sbin/pppoe


Here are the package versions:
selinux-policy-targeted-1.23.16-6
rp-pppoe-3.5-27
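
An added triage example, not part of the original report: a Python parser that collapses the repeated AVC denials quoted above into one entry per (source type, target type, class, permissions, name) and counts the distinct PIDs. The sample input reuses lines from the report's log excerpt; the function names are this example's own.

```python
import re
from collections import defaultdict

# Sample input: one unrelated kernel line plus three denials taken from the log excerpt above.
SAMPLE_LOG = """\
May 27 08:24:59 obsidian kernel: PPP generic driver version 2.4.2
May 27 08:24:59 obsidian kernel: audit(1117175032.481:3): avc:  denied  { read } for  pid=1839 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175032.481:4): avc:  denied  { read } for  pid=1839 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175037.513:6): avc:  denied  { read } for  pid=1857 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
"""

AVC_RE = re.compile(r"audit\((?P<ts>[\d.]+):(?P<serial>\d+)\): avc:\s+denied\s+"
                    r"\{(?P<perms>[^}]*)\}\s+for\s+(?P<fields>.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc(line):
    """Return the fields of one AVC denial as a dict, or None for other lines."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    rec = {key: value.strip('"') for key, value in FIELD_RE.findall(m.group("fields"))}
    rec["perms"] = tuple(m.group("perms").split())
    rec["serial"] = int(m.group("serial"))
    return rec


def selinux_type(context):
    """Security contexts are user:role:type[:level]; type enforcement uses the third field."""
    return context.split(":")[2]


def summarize(log_text):
    """Group denials that differ only in pid/serial and count them."""
    groups = defaultdict(lambda: {"count": 0, "pids": set()})
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec is None or "scontext" not in rec or "tcontext" not in rec:
            continue  # not an AVC denial, or a truncated record
        key = (selinux_type(rec["scontext"]), selinux_type(rec["tcontext"]),
               rec.get("tclass"), rec["perms"], rec.get("name"))
        groups[key]["count"] += 1
        groups[key]["pids"].add(rec.get("pid"))
    return dict(groups)


if __name__ == "__main__":
    for (src, tgt, tclass, perms, name), info in summarize(SAMPLE_LOG).items():
        print(f"{src} -> {tgt}:{tclass} {{ {' '.join(perms)} }} name={name} "
              f"x{info['count']} pids={sorted(info['pids'])}")
```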

Comment 1 Daniel Walsh 2005-05-29 10:58:50 UTC
Fixed in selinux-policy-*1.23.17-4