Bug 441095
Summary: | denied write runlevel utmp for NetworkManager on interface activation | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Orion Poplawski <orion> |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | rawhide | CC: | archimerged, jkubin |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-04-09 12:27:18 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Orion Poplawski
2008-04-06 04:09:17 UTC
$ cat /sbin/runlevel
#!/bin/bash
( date; ps -ef; echo runlevel "$@"; ls --lcontext /var/run/utmp )
>/tmp/runlevel-ps-ef-$( date --iso=sec | tr T: .. )
/sbin/runlevel-orig "$@"
Running in permissive mode. Otherwise the /tmp/ file couldn't be created either.
root 2240 1 0 20:28 ? 00:00:00 NetworkManagerDispatcher
--pid-file=/var/run/NetworkManager/NetworkManagerDispatcher.pid
root 2343 2240 0 20:28 ? 00:00:00 /bin/sh
/etc/NetworkManager/dispatcher.d/05-netfs eth0 up
root 2347 2343 0 20:28 ? 00:00:00 /sbin/chkconfig netfs
root 2348 2347 0 20:28 ? 00:00:00 /bin/bash /sbin/runlevel
root 2349 2348 0 20:28 ? 00:00:00 /bin/bash /sbin/runlevel
root 2354 2349 0 20:28 ? 00:00:00 ps -ef
Clearly NMdispatcher is running 05-netfs which calls chkconfig netfs which calls
runlevel, which gets the avc denial.
Please update to the latest selinux policy Fixed in selinux-policy-3.3.1-30.fc9 Works in Rawhide-2008-04-09 |