Bug 194474

Summary: selinux blocks signals from ifdown to pppd
Product: [Fedora] Fedora Reporter: Mike <spambox>
Component: selinux-policyAssignee: Daniel Walsh <dwalsh>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 5CC: dwalsh
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 2.2.47-3 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-07-11 09:02:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mike 2006-06-08 13:09:10 UTC
Description of problem:

Jun  8 15:09:45 xxx kernel: audit(1149772185.419:6): avc:  denied  { signal }
for  pid=2974 comm="pppd" scontext=system_u:system_r:pppd_t:s0
tcontext=system_u:system_r:pppd_t:s0 tclass=process
Jun  8 15:09:45 xxx kernel: audit(1149772185.419:7): avc:  denied  { signal }
for  pid=2974 comm="pppd" scontext=system_u:system_r:pppd_t:s0
tcontext=system_u:system_r:pppd_t:s0 tclass=process

Version-Release number of selected component (if applicable):

clean/fresh/minimal/yesterday install with all updates

How reproducible:

`ifdown ppp0`

or 'kill.pppd' file in '/etc/cron.daily/' directory:

<--
#! /bin/bash

PID_FILE="/var/run/pppoe-adsl.pid.pppd"

if [ -f $PID_FILE ] ; then
  PID=`head -1 $PID_FILE`
  kill -TERM ${PID}
#  echo ${PID}
fi
-->
  
Additional info:

My '/etc/sysconfig/network-scripts/ifcfg-ppp0' file:

<--
USERCTL=no
BOOTPROTO=dialup
NAME=DSLppp0
DEVICE=ppp0
TYPE=xDSL
ONBOOT=yes
PIDFILE=/var/run/pppoe-adsl.pid
FIREWALL=NONE
PING=.
PPPOE_TIMEOUT=80
LCP_FAILURE=3
LCP_INTERVAL=20
CLAMPMSS=1412
CONNECT_POLL=6
CONNECT_TIMEOUT=0
DEFROUTE=yes
SYNCHRONOUS=no
ETH=eth1
PROVIDER=DSLppp0
USER=adsl
PEERDNS=no
-->

Comment 1 Daniel Walsh 2006-06-16 01:49:09 UTC
Fixed in selinux-policy-2.2.47-3