Bug 425271

Summary: SELinux error on resume from suspend
Product: Red Hat Enterprise Linux 5 Reporter: Gary Case <gcase>
Component: pm-utilsAssignee: Phil Knirsch <pknirsch>
Status: CLOSED ERRATA QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: 5.1CC: jfeeney, rvokal
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-12-17 10:46:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Gary Case 2007-12-14 19:07:49 UTC 
Description of problem:
SELinux is preventing /usr/sbin/vbetool (vbetool_t) "write" to
/var/log/pm/suspend.log (pmtools_log_t).

Version-Release number of selected component (if applicable):
pm-utils-0.99.3-6.el5.17 (RHEL5.1 with no updates)

How reproducible:
Every time

Steps to Reproduce:
1. Suspend system
2. Resume system
3.
  
Actual results:
SELinux error

Expected results:
No errors

Additional info:
Source Context:  system_u:system_r:vbetool_t
Target Context:  system_u:object_r:pmtools_log_t
Target Objects:  /var/log/pm/suspend.log [ file ]
Affected RPM Packages:  pm-utils-0.99.3-6.el5.17
[application]pm-utils-0.99.3-6.el5.17 [target]Policy 
RPM:  selinux-policy-2.4.6-104.el5
Selinux Enabled:  True
Policy Type:  targeted
MLS Enabled:  True
Enforcing Mode:  Enforcing
Plugin Name:  plugins.catchall_file
Host Name:  dhcp243-187.rdu.redhat.com
Platform:  Linux dhcp243-187.rdu.redhat.com 2.6.18-53.el5 #1 SMP Wed Oct 10
16:34:19 EDT 2007 x86_64 x86_64
Alert Count:  10
Line Numbers:   

Raw Audit Messages :
avc: denied { write } for comm="vbetool" dev=dm-0 egid=0 euid=0
exe="/usr/sbin/vbetool" exit=0 fsgid=0 fsuid=0 gid=0 items=0
path="/var/log/pm/suspend.log" pid=4564 scontext=system_u:system_r:vbetool_t:s0
sgid=0 subj=system_u:system_r:vbetool_t:s0 suid=0 tclass=file
tcontext=system_u:object_r:pmtools_log_t:s0 tty=(none) uid=0
Comment 1 RHEL Program Management 2007-12-14 19:54:37 UTC 
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 2 Gary Case 2007-12-14 20:53:42 UTC 
It looks like this is fixed in the latest packages. I did a yum update to the
current RHN bits and the problem went away.

-Gary
Comment 3 John Feeney 2007-12-14 21:06:59 UTC 
Probably due to bz327121. So I guess this is a dup.
Comment 4 Phil Knirsch 2007-12-17 10:46:28 UTC 
Ok, closing as ERRATA due to comment #2 and #3.

Read ya, Phil