Bug 439666

Summary: yum update from f8->f9 causes pulseaudio denials.
Product: [Fedora] Fedora
Reporter: Dave Jones <davej>
Component: selinux-policy-targeted
Assignee: Daniel Walsh <dwalsh>
Status: CLOSED NOTABUG
QA Contact: Ben Levenson <benl>
Severity: low
Priority: low
Version: rawhide
CC: pfrields
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2008-03-30 05:32:10 UTC

Description Dave Jones 2008-03-30 05:22:26 UTC
selinux-policy-targeted-3.3.1-25.fc9.noarch
even after a relabel on reboot, it still fails..

host=gelk type=AVC msg=audit(1206853930.495:1451): avc:  denied  { lock } for 
pid=6273 comm="pulseaudio" path="/tmp/pulse-gdm/pid" dev=md0 ino=67567674
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:file_t:s0 tclass=file

host=gelk type=SYSCALL msg=audit(1206853930.495:1451): arch=c000003e syscall=72
success=yes exit=0 a0=3 a1=7 a2=7fffa5a01260 a3=8101010101010100 items=0
ppid=6262 pid=6273 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42
egid=42 sgid=42 fsgid=42 tty=(none) ses=4294967295 comm="pulseaudio"
exe="/usr/bin/pulseaudio" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)

host=gelk type=AVC msg=audit(1206853930.495:1452): avc:  denied  { getattr } for
 pid=6273 comm="pulseaudio" path="/tmp/pulse-gdm/pid" dev=md0 ino=67567674
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:file_t:s0 tclass=file

host=gelk type=SYSCALL msg=audit(1206853930.495:1452): arch=c000003e syscall=5
success=yes exit=0 a0=3 a1=7fffa5a012b0 a2=7fffa5a012b0 a3=8101010101010100
items=0 ppid=6262 pid=6273 auid=4294967295 uid=42 gid=42 euid=42 suid=42
fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) ses=4294967295 comm="pulseaudio"
exe="/usr/bin/pulseaudio" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)

host=gelk type=AVC msg=audit(1206853931.164:1453): avc:  denied  { create } for
 pid=6273 comm="pulseaudio" name="native"
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:file_t:s0 tclass=sock_file

host=gelk type=SYSCALL msg=audit(1206853931.164:1453): arch=c000003e syscall=49
success=yes exit=0 a0=19 a1=7fffa5a01090 a2=17 a3=7fffa5a01084 items=0 ppid=6262
pid=6273 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42
fsgid=42 tty=(none) ses=4294967295 comm="pulseaudio" exe="/usr/bin/pulseaudio"
subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)

host=gelk type=AVC msg=audit(1206853931.165:1454): avc:  denied  { setattr } for
 pid=6273 comm="pulseaudio" name="native" dev=md0 ino=67567677
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:file_t:s0 tclass=sock_file

host=gelk type=SYSCALL msg=audit(1206853931.165:1454): arch=c000003e syscall=90
success=yes exit=0 a0=7fffa5a01150 a1=1ff a2=17 a3=7fffa5a01084 items=0
ppid=6262 pid=6273 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42
egid=42 sgid=42 fsgid=42 tty=(none) ses=4294967295 comm="pulseaudio"
exe="/usr/bin/pulseaudio" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)

host=gelk type=AVC msg=audit(1206853930.492:1449): avc:  denied  { setattr } for
 pid=6273 comm="pulseaudio" name="pulse-gdm" dev=md0 ino=67567670
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:file_t:s0 tclass=dir

host=gelk type=SYSCALL msg=audit(1206853930.492:1449): arch=c000003e syscall=92
success=yes exit=0 a0=7fffa5a013b0 a1=2a a2=2a a3=f items=0 ppid=6262 pid=6273
auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42
tty=(none) ses=4294967295 comm="pulseaudio" exe="/usr/bin/pulseaudio"
subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)

host=gelk type=AVC msg=audit(1206853930.494:1450): avc:  denied  { write } for 
pid=6273 comm="pulseaudio" name="pulse-gdm" dev=md0 ino=67567670
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:file_t:s0 tclass=dir

host=gelk type=AVC msg=audit(1206853930.494:1450): avc:  denied  { add_name }
for  pid=6273 comm="pulseaudio" name="pid"
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:file_t:s0 tclass=dir

host=gelk type=AVC msg=audit(1206853930.494:1450): avc:  denied  { create } for
 pid=6273 comm="pulseaudio" name="pid"
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:file_t:s0 tclass=file

host=gelk type=AVC msg=audit(1206853930.494:1450): avc:  denied  { read write }
for  pid=6273 comm="pulseaudio" name="pid" dev=md0 ino=67567674
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:file_t:s0 tclass=file

host=gelk type=SYSCALL msg=audit(1206853930.494:1450): arch=c000003e syscall=2
success=yes exit=3 a0=7fffa5a01380 a1=20142 a2=180 a3=8101010101010100 items=0
ppid=6262 pid=6273 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42
egid=42 sgid=42 fsgid=42 tty=(none) ses=4294967295 comm="pulseaudio"
exe="/usr/bin/pulseaudio" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)

Comment 1 Daniel Walsh 2008-03-30 05:32:10 UTC
You seem to have a lot of files without labels on them.

You need to 

rm -rf /tmp/pulse*

If you see any other files labeled file_t on /tmp you should remove them.

And allow them to be recreated on the next login.  I am not sure if you have a
general labeling problem.  If you see other files around with file_t you might
want to relabel.

touch /.autorelabel; reboot


Comment 2 Dave Jones 2008-03-30 22:00:24 UTC
Weird.  As I mentioned, it relabeled when I first rebooted.  I guess it didn't
erase the files in /tmp.  A second relabelling after I removed those files did
the trick.

Comment 3 Daniel Walsh 2008-03-31 06:00:04 UTC
Relabeling does not touch files in /tmp, /media, /mnt because the labels are
fairly random, and we don't know what to label them.  /tmp seems to be a
problem though because it leaves files around from login.  If we relabeled files
to tmp_t it would cause programs to fail also, i.e. confined apps not able to
write to tmp_t.  The best solution is to delete all files in /tmp but this can
blow away files that the user wants to keep.
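
Added example, not part of the bug report or of any Fedora tooling: a small triage script for the situation in this thread. It reassembles wrapped AVC records, lists the objects whose target type is file_t (files without labels, per comment 1), and checks whether a path sits in a tree that relabeling skips (per comment 3). The function names and the sample text are assumptions made for the illustration.

```python
import re
from collections import defaultdict
# Constructed sample in the shape of the report; record 3's type is altered for contrast.
SAMPLE = """\
host=gelk type=AVC msg=audit(1206853930.495:1451): avc:  denied  { lock } for
pid=6273 comm="pulseaudio" path="/tmp/pulse-gdm/pid" dev=md0 ino=67567674
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:file_t:s0 tclass=file

host=gelk type=AVC msg=audit(1206853930.494:1450): avc:  denied  { read write }
for  pid=6273 comm="pulseaudio" name="pid" dev=md0 ino=67567674
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:file_t:s0 tclass=file

host=gelk type=AVC msg=audit(1206853931.164:1453): avc:  denied  { create } for
 pid=6273 comm="pulseaudio" name="native"
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=sock_file
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}")
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
RELABEL_SKIPPED = ("/tmp", "/media", "/mnt")  # trees named in comment 3

def parse_avc(text):
    """Yield one dict per AVC denial; records are separated by blank lines."""
    for chunk in re.split(r"\n\s*\n", text):
        rec = " ".join(chunk.split())  # undo the line wrapping
        m = AVC_RE.search(rec)
        fields = {k: v.strip('"') for k, v in KV_RE.findall(rec)}
        if not m or "tcontext" not in fields:
            continue  # SYSCALL records and anything malformed
        fields["perms"] = m.group("perms").split()
        fields["ttype"] = fields["tcontext"].split(":")[2]  # user:role:type:level
        yield fields

def unlabeled_targets(text):
    """Map (object, tclass) -> denied permissions for targets typed file_t."""
    hits = defaultdict(set)
    for f in parse_avc(text):
        if f["ttype"] == "file_t":
            obj = f.get("path") or f.get("name", "?")
            hits[(obj, f["tclass"])].update(f["perms"])
    return {k: sorted(v) for k, v in hits.items()}

def relabel_skips(path):
    """True if path lies under a tree that relabeling leaves alone."""
    return any(path == d or path.startswith(d + "/") for d in RELABEL_SKIPPED)
```

Objects that show up with file_t under a skipped tree are the ones a relabel will not repair, which matches the outcome reported in comment 2.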