Bug 633039

Summary: SELinux is preventing /usr/bin/tor "signal" access .
Product: [Fedora] Fedora Reporter: Christoph A. <casmls>
Component: selinux-policyAssignee: Daniel Walsh <dwalsh>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 13CC: dwalsh, mgrepl
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: selinux-policy-3.7.19-57.fc13 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-09-22 00:38:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Christoph A. 2010-09-12 15:06:26 UTC 
Description of problem:

SELinux is preventing /usr/bin/tor "signal" access .

Source Context                system_u:system_r:tor_t:s0
Target Context                system_u:system_r:tor_t:s0
Target Objects                None [ process ]
Source                        tor
Source Path                   /usr/bin/tor
Port                          <Unknown>
Source RPM Packages           tor-core-0.2.1.26-1300.fc13
Target RPM Packages           
Policy RPM                    selinux-policy-3.7.19-54.fc13
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   catchall
Alert Count                   2

Raw Audit Messages            

type=AVC msg=audit(1284300096.284:59): avc:  denied  { signal } for  pid=1532 comm="tor" scontext=system_u:system_r:tor_t:s0 tcontext=system_u:system_r:tor_t:s0 tclass=process

type=SYSCALL msg=audit(1284300096.284:59): arch=c000003e syscall=234 success=yes exit=4294967424 a0=5fc a1=5fc a2=6 a3=8 items=0 ppid=1 pid=1532 auid=4294967295 uid=488 gid=485 euid=488 suid=488 fsuid=488 egid=485 sgid=485 fsgid=485 tty=(none) ses=4294967295 comm="tor" exe="/usr/bin/tor" subj=system_u:system_r:tor_t:s0 key=(null)


I think this access should be allowed.
Comment 1 Miroslav Grepl 2010-09-13 10:48:05 UTC 
Fixed in selinux-policy-3.7.19-56.fc13
Comment 2 Fedora Update System 2010-09-13 16:08:46 UTC 
selinux-policy-3.7.19-57.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-57.fc13
Comment 3 Fedora Update System 2010-09-15 05:30:01 UTC 
selinux-policy-3.7.19-57.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update selinux-policy'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-57.fc13
Comment 4 Fedora Update System 2010-09-22 00:37:27 UTC 
selinux-policy-3.7.19-57.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.