Bug 238068
| Summary: | /var/log/pm-suspend.log keeps getting the wrong selinux context | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Zack Cerza <zcerza> | ||||
| Component: | pm-utils | Assignee: | Phil Knirsch <pknirsch> | ||||
| Status: | CLOSED RAWHIDE | QA Contact: | |||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | rawhide | CC: | dwalsh, mauri.korkeala, opensource, rvokal | ||||
| Target Milestone: | --- | Keywords: | Desktop | ||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | 0.99.4-3.fc8 | Doc Type: | Bug Fix | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2007-09-19 23:32:09 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 253722 | ||||||
| Attachments: |
|
||||||
Created attachment 153625 [details]
Fix labeling on pm-suspend.log file
This patch will restore the context on the pm-suspend.log file so hal can deal
with it.
*** Bug 240911 has been marked as a duplicate of this bug. *** |
Description of problem: pm-suspend.log is supposed to have the hald_log_t context, but it keeps getting reset to var_log_t, causing avc denials such the following on resume: avc: denied { write } for comm="ntpd" dev=sda3 egid=0 euid=0 exe="/usr/sbin/ntpd" exit=0 fsgid=0 fsuid=0 gid=0 items=0 name="pm-suspend.log" path="/var/log/pm-suspend.log" pid=3051 scontext=user_u:system_r:ntpd_t:s0 sgid=0 subj=user_u:system_r:ntpd_t:s0 suid=0 tclass=file tcontext=user_u:object_r:var_log_t:s0 tty=(none) uid=0 avc: denied { write } for comm="pm-suspend" dev=sda3 egid=0 euid=0 exe="/bin/bash" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="pm-suspend.log" pid=3028 scontext=system_u:system_r:hald_t:s0 sgid=0 subj=system_u:system_r:hald_t:s0 suid=0 tclass=file tcontext=user_u:object_r:var_log_t:s0 tty=(none) uid=0 avc: denied { getattr } for comm="pm-suspend" dev=sda3 egid=0 euid=0 exe="/bin/bash" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="pm-suspend.log" path="/var/log/pm-suspend.log" pid=3028 scontext=system_u:system_r:hald_t:s0 sgid=0 subj=system_u:system_r:hald_t:s0 suid=0 tclass=file tcontext=user_u:object_r:var_log_t:s0 tty=(none) uid=0 Version-Release number of selected component (if applicable): pm-utils-0.99.3-1.fc7.i386 How reproducible: Always