Bug 200276

Summary: firstboot needs to be able to talk to dbus
Product: [Fedora] Fedora Reporter: Chris Lumens <clumens>
Component: selinux-policyAssignee: Daniel Walsh <dwalsh>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: dwalsh, redwolfe
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-07-31 14:41:21 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Chris Lumens 2006-07-26 17:20:25 UTC
system-config-soundcard apparently now talks to dbus, and firstboot uses parts
of s-c-soundcard.  So firstboot needs to be able to talk to dbus as well.  Here
are the audit messages:

audit(1153898964.792:17): user pid=2078 uid=81 auid=4294967295
subj=system_u:system_r:system_dbusd_t:s0 msg='avc:  denied  { send_msg } for
msgtype=method_call interface=org.freedesktop.DBus.Introspectable
member=Introspect dest=org.freedesktop.Hal spid=2414 tpid=2367
scontext=system_u:system_r:firstboot_t tcontext=system_u:system_r:hald_t tclass=dbus
: exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
audit(1153898964.864:18): user pid=2078 uid=81 auid=4294967295
subj=system_u:system_r:system_dbusd_t:s0 msg='avc:  denied  { send_msg } for
msgtype=method_call interface=org.freedesktop.Hal.Manager
member=FindDeviceByCapability dest=org.freedesktop.Hal spid=2414 tpid=2367
scontext=system_u:system_r:firstboot_t tcontext=system_u:system_r:hald_t tclass=dbus
: exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'

Comment 1 Daniel Walsh 2006-07-26 17:58:54 UTC
Fixed in selinux-policy-2_3_3-11

Comment 2 Chris Lumens 2006-07-27 13:38:32 UTC
*** Bug 200359 has been marked as a duplicate of this bug. ***

Comment 3 Chris Lumens 2006-07-31 14:41:21 UTC
This looks good now.  Thanks.