Bug 407591

Summary: pulseaudio-0.9.8-4.fc9 broke audio ....
Product: [Fedora] Fedora Reporter: Tom London <selinux>
Component: pulseaudioAssignee: Lennart Poettering <lpoetter>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: rawhideCC: dwalsh, pierre-bugzilla
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-12-06 16:15:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Tom London 2007-12-02 00:25:33 UTC 
Description of problem:
Installing pulseaudio-0.9.8-4.fc9 (and associated rawhide packages) appears to
have broken my working pulseaudio system.

Soundcard detection works fine (and I can hear sound from it), but I get a host
of messages in ~/.xsession-errors and /var/log/messages:

[tbl@localhost ~]$ cat .xs*
SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/2602,unix/unix:/tmp/.ICE-unix/2602
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM front:0
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM surround40:0
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM surround41:0
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM surround50:0
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM surround51:0
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM surround71:0
ALSA lib pcm_hw.c:1207:(_snd_pcm_hw_open) Invalid value for card
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM front:0
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM surround40:0
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM surround41:0
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM surround50:0
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM surround51:0
ALSA lib conf.c:3949:(snd_config_expand) Unknown parameters 0
ALSA lib pcm.c:2145:(snd_pcm_open_noupdate) Unknown PCM surround71:0
ALSA lib pcm_hw.c:1207:(_snd_pcm_hw_open) Invalid value for card
Window manager warning: Failed to read saved session file
/home/tbl/.metacity/sessions/default1.ms: Failed to open file
'/home/tbl/.metacity/sessions/default1.ms': No such file or directory
11
seahorse nautilus module initialized
Initializing gnome-mount extension
start time: Tue Dec 26 06:00:00 2006


** (gnome-panel:2721): WARNING **: Failed to establish a connection with GDM: No
such file or directory
Saving session: gnome-terminal --window-with-profile-internal-id=Default
--show-menubar --role=gnome-terminal-2950--844546636-1196553490 --active
--geometry 80x24+0+25 --title tbl@localhost:~ --working-directory /home/tbl
--zoom 1 --window-with-profile-internal-id=Default --show-menubar
--role=gnome-terminal-2950--1512098363-1196553498 --active --geometry
80x24+0+486 --title tbl@localhost:~ --working-directory /home/tbl --zoom 1 
[tbl@localhost ~]$ 

And in /var/log messages:

ec  1 15:56:06 localhost pulseaudio[2715]: main.c: Called SUID root and
real-time/high-priority scheduling was requested in the configuration. However,
we lack the necessary priviliges:
Dec  1 15:56:06 localhost pulseaudio[2715]: main.c: We are not in group
'pulse-rt' and PolicyKit refuse to grant us priviliges. Dropping SUID again.
Dec  1 15:56:06 localhost pulseaudio[2715]: main.c: For enabling real-time
scheduling please acquire the appropriate PolicyKit priviliges, or become a
member of 'pulse-rt', or increase the RLIMIT_NICE/RLIMIT_RTPRIO resource limits
for this user.
Dec  1 15:56:06 localhost pulseaudio[2715]: pid.c: Stale PID file, overwriting.
Dec  1 15:56:06 localhost pulseaudio[2715]: main.c: setrlimit(RLIMIT_NICE, (31,
31)) failed: Operation not permitted
Dec  1 15:56:07 localhost pulseaudio[2715]: alsa-util.c: Error opening PCM
device hw:0: No such device
Dec  1 15:56:07 localhost pulseaudio[2715]: module.c: Failed to load  module
"module-alsa-sink" (argument: "device_id=0
sink_name=alsa_output.pci_8086_27d8_alsa_playback_0"): initialization failed.
Dec  1 15:56:07 localhost pulseaudio[2715]: alsa-util.c: Error opening PCM
device hw:0: No such device
Dec  1 15:56:07 localhost pulseaudio[2715]: module.c: Failed to load  module
"module-alsa-source" (argument: "device_id=0
source_name=alsa_input.pci_8086_27d8_alsa_capture_0"): initialization failed.
Dec  1 15:56:08 localhost pulseaudio[2715]: module.c: Failed to load  module
"module-rtp-recv" (argument: ""): initialization failed.
Dec  1 15:56:08 localhost pulseaudio[2715]: module-gconf.c: pa_module_load() failed


Version-Release number of selected component (if applicable):
pulseaudio-0.9.8-4.fc9

How reproducible:
Every time.  Broken

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Tom London 2007-12-02 18:02:10 UTC 
I can make things work 'a bit better' (i.e., pavucontrol not crashing, etc.), by
manually chmod-ing a bunch of /dev/ files.

I 'chmod 666' all the files with major of 14, and all the files in /dev/snd.

I can 'play sound' from System->Preferences->Hardware->Sound (from the Sounds
tab), but rhythmbox crashes with

<<<SNIP>>>
Could not find the frame base for "IA__gtk_main_do_event".
Could not find the frame base for "gdk_event_dispatch".
Could not find the frame base for "g_main_context_iterate".
Cannot access memory at address 0x0
Could not find the frame base for "start_thread".
Could not find the frame base for "IA__g_spawn_sync".
Comment 2 Tom London 2007-12-02 19:40:35 UTC 
OK.... Now I'm confused.

With the above changes, 'paplay foo.wav' plays music.

So it appears the fixing the access bits on the /dev files makes pulseaudio
work. But, rhythmbox dies horribly (as does banshee).....
Comment 3 Tom London 2007-12-02 21:06:54 UTC 
Rhythmbox problem.... https://bugzilla.redhat.com/show_bug.cgi?id=407661
Comment 4 Tom London 2007-12-04 19:33:40 UTC 
More confusion: it works with SELinux in permissive mode, but not in enforcing mode.

I believe I have tracked this down to an issue with
/usr/libexec/ck-get-x11-display-device and SELinux.

Here are the AVCs:

type=AVC msg=audit(1196779565.801:132): avc:  denied  { search } for  pid=2614
comm="ck-get-x11-disp" name="2587" dev=proc ino=9642
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tclass=dir
type=AVC msg=audit(1196779565.801:132): avc:  denied  { read } for  pid=2614
comm="ck-get-x11-disp" name="stat" dev=proc ino=9861
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tclass=file
type=SYSCALL msg=audit(1196779565.801:132): arch=40000003 syscall=5 success=yes
exit=4 a0=8d27418 a1=8000 a2=0 a3=8000 items=0 ppid=2585 pid=2614
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="ck-get-x11-disp" exe="/usr/libexec/ck-get-x11-display-device"
subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1196779565.802:133): avc:  denied  { getattr } for  pid=2614
comm="ck-get-x11-disp" path="/proc/2587/stat" dev=proc ino=9861
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tclass=file
type=SYSCALL msg=audit(1196779565.802:133): arch=40000003 syscall=197
success=yes exit=0 a0=4 a1=bff4cfc8 a2=bdcff4 a3=8d27418 items=0 ppid=2585
pid=2614 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="ck-get-x11-disp" exe="/usr/libexec/ck-get-x11-display-device"
subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)

Adding the following policy rules appears to make this work again:

module localpulse2 1.0;

require {
        type xdm_xserver_t;
        type xdm_t;
        class dir search;
        class file { read getattr };
}

#============= xdm_t ==============
allow xdm_t xdm_xserver_t:dir search;
allow xdm_t xdm_xserver_t:file { read getattr };

Not sure if this is the proper fix...... Daniel?
Comment 5 Daniel Walsh 2007-12-05 15:29:03 UTC 
Yes I found the same problem.


Should be fixed in selinux-policy-3.2.2-1.fc9
Comment 6 Tom London 2007-12-05 17:40:48 UTC 
I can confirm: selinux-policy-3.2.2-1.fc9 fixes this for me.
Comment 7 Daniel Walsh 2007-12-06 16:23:28 UTC 
Hows this?

DESCRIPTION
       matchpathcon  Queries the system and prints the default security
       context associated with the filepath.

       Note: Identical paths  can  have  different  security  contexts,
       depending on the file type. (regular file, directory, link file,
       char file ...)

       matchpathcon will check the system  default  context  using  the
       file  type  if  the file exists.  If the file does not exist, it
       will get the context of a regular file.