Bug 426427

Summary: SELinux is preventing /sbin/udevd (udev_t) "relabelfrom" to par0 (device_t).
Product: [Fedora] Fedora Reporter: jonas duffy <stlux>
Component: selinux-policyAssignee: Daniel Walsh <dwalsh>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: low    
Version: 7   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Current Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-01-30 19:19:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description jonas duffy 2007-12-20 22:58:58 UTC 
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 jonas duffy 2007-12-20 23:03:34 UTC 
SELinux denied access requested by /sbin/udevd. It is not expected that this
access is required by /sbin/udevd and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Source Context:  system_u:system_r:cupsd_t:SystemLow-SystemHighTarget
Context:  system_u:object_r:hplip_exec_tTarget Objects:  /usr/bin/hpijs [ file
]Affected RPM Packages:  hpijs-1.7.4a-6.fc7 [target]Policy
RPM:  selinux-policy-2.6.4-61.fc7Selinux Enabled:  TruePolicy Type:  targetedMLS
Enabled:  TrueEnforcing Mode:  EnforcingPlugin Name:  plugins.catchall_fileHost
Name:  stlux.jontobias.bizPlatform:  Linux stlux.jontobias.biz 2.6.23.8-34.fc7
#1 SMP Thu Nov 22 23:05:33 EST 2007 i686 i686Alert Count:  5First Seen:  Thu 20
Dec 2007 02:31:33 PM PSTLast Seen:  Thu 20 Dec 2007 02:40:05 PM PSTLocal
ID:  023e3930-8123-4aad-b7e9-63381376bf96Line Numbers:  Raw Audit Messages :avc:
denied { getattr } for comm="sh" dev=dm-0 egid=7 euid=4 exe="/bin/bash" exit=-13
fsgid=7 fsuid=4 gid=7 items=0 path="/usr/bin/hpijs" pid=7737
scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 sgid=7
subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 suid=4 tclass=file
tcontext=system_u:object_r:hplip_exec_t:s0 tty=(none) uid=4
Comment 2 Daniel Walsh 2007-12-21 07:21:42 UTC 
Both of these should be fixed in 

selinux-policy-2.6.4-63.fc7
Comment 3 Daniel Walsh 2008-01-30 19:19:03 UTC 
Bulk closing all bugs in Fedora updates in the modified state.  If you bug is
not fixed, please reopen.