Bug 432353
Summary: | SELinux prevented dbus-daemon from using the terminal /dev/tty1. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Matěj Cepl <mcepl> |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | rawhide | CC: | dwalsh, mcepl |
Target Milestone: | --- | Keywords: | Reopened, SELinux |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-03-05 22:19:09 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Matěj Cepl
2008-02-11 15:16:02 UTC
Fixed in selinux-policy-3.2.7-3.fc9 The fix works for the original reporter with selinux-policy-3.2.7-3.fc9. (He sits at the next desk.) However, I have just upgraded to selinux-policy-3.2.7-4.fc9 (and rebooted), and observe an almost identical problem. The difference is that I use runlevel 3 and startx from tty6 (or tty11 or whatever). Other differences: i386, selinux-policy-3.2.7-4.fc9 The messages in audit.log are: type=AVC msg=audit(1202910517.486:49): avc: denied { read write } for pid=4768 comm="dbus-daemon" path="/dev/tty6" dev=tmpfs ino=2310 scontext=unconfined_u:unconfined_r:unconfined_dbusd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:unconfined_tty_device_t:s0 tclass=chr_file type=SYSCALL msg=audit(1202910517.486:49): arch=40000003 syscall=11 success=yes exit=0 a0=804c907 a1=bff4414c a2=bff45574 a3=7 items=0 ppid=4767 pid=4768 auid=10464 uid=10464 gid=10464 euid=10464 suid=10464 fsuid=10464 egid=10464 sgid=10464 fsgid=10464 tty=(none) comm="dbus-daemon" exe="/bin/dbus-daemon" subj=unconfined_u:unconfined_r:unconfined_dbusd_t:s0-s0:c0.c1023 key=(null) (this shouldn't be a surprise: please avoid reporting selinux errors against anything but selinux packages) Fixed in selinux-policy-3.3.1-4.fc9 CLosed as this should be fixed in rawhide. If this problem persists please reopen the bugzilla. |