Bug 437699
Summary: | No error messages from kismet | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Göran Uddeborg <goeran> |
Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Ben Levenson <benl> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 8 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-11-10 13:32:53 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Göran Uddeborg
2008-03-16 17:43:15 UTC
What avc messages were generated? I can imagine that is a bit of a standard question from you on those reports. And for good reason I suspect. :-) But in this case, I actually said in my second paragraph that I don't get any avc messages. And according to strace the write system calls succeed. But still, nothing is written in the xterm where I run the command. I do not know what functionality in SELinux that could cause this behaviour. semodule -DB Will turn off all "dontaudit" rules. Then run kismet. semodule -B will turn dontaudit rules back on. Yes, with that I did get some messages: time->Mon Mar 17 16:13:50 2008 type=SYSCALL msg=audit(1205766830.050:1324): arch=c000003e syscall=59 success=yes exit=0 a0=6268a0 a1=7fff49de6140 a2=632000 a3=0 items=0 ppid=1136 pid=3534 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="kismet" exe="/usr/bin/kismet" subj=unconfined_u:system_r:kismet_t:s0-s0:c0.c1023 key=(null) type=AVC msg=audit(1205766830.050:1324): avc: denied { read write } for pid=3534 comm="kismet" path="/dev/pts/1" dev=devpts ino=3 scontext=unconfined_u:system_r:kismet_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:unconfined_devpts_t:s0 tclass=chr_file type=AVC msg=audit(1205766830.050:1324): avc: denied { read write } for pid=3534 comm="kismet" path="/dev/pts/1" dev=devpts ino=3 scontext=unconfined_u:system_r:kismet_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:unconfined_devpts_t:s0 tclass=chr_file type=AVC msg=audit(1205766830.050:1324): avc: denied { read write } for pid=3534 comm="kismet" path="/dev/pts/1" dev=devpts ino=3 scontext=unconfined_u:system_r:kismet_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:unconfined_devpts_t:s0 tclass=chr_file type=AVC msg=audit(1205766830.050:1324): avc: denied { read write } for pid=3534 comm="kismet" name="1" dev=devpts ino=3 scontext=unconfined_u:system_r:kismet_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:unconfined_devpts_t:s0 tclass=chr_file You can allow this for now by executing # audit2allow -M mypol -i /var/log/audit/audit.log # semodule -i mypol.pp Fixed in selinux-policy-3.0.8-94.fc8 |