Bug 213277
Summary: | AVC denial for agetty trying to open /dev/xvc0 | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Daniel Berrangé <berrange> |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED NEXTRELEASE | QA Contact: | Ben Levenson <benl> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 5 | CC: | dwalsh, xen-maint |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-02-14 15:17:03 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Daniel Berrangé
2006-10-31 16:03:52 UTC
Temporary workaround # ls -lZ /dev/xvc0 crw--w---- root tty root:object_r:device_t /dev/xvc0 # semanage fcontext -a -t tty_device_t -f -c /dev/xvc0 # restorecon /dev/xvc0 # ls -lZ /dev/xvc0 crw--w---- root tty system_u:object_r:tty_device_t /dev/xvc0 Be preferrable to get the policy updated for FC5 though so it 'just works' for all users. All of these bugs should be fixed in FC6, You could attempt to use the FC6 policy on FC5 or upgrade. Or you could use audit2allow -M mypolicy -i /var/log/audit/audit.log and build local customized policy |