Bug 634650
Summary: | SELinux is preventing /sbin/usbhid-ups "read write" access to device 104. | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Laurent Rineau <laurent.rineau__fedora> | ||||
Component: | udev | Assignee: | Harald Hoyer <harald> | ||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 13 | CC: | dwalsh, harald, jonathan, laurent.rineau__fedora, mgrepl | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | x86_64 | ||||||
OS: | Linux | ||||||
Whiteboard: | setroubleshoot_trace_hash:546a446ac5854cffb584b5bdd8f2a01e2ee5ace3241922e92d1cc2bb0fe15e29 | ||||||
Fixed In Version: | udev-153-4.fc13 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2010-09-26 04:37:24 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Laurent Rineau
2010-09-16 15:52:22 UTC
Created attachment 447779 [details]
open fds of /sbin/usbhid-ups with contexts: result of sudo sh -c 'ls -lZ /proc/`pidof usbhid-ups`/fd'
It seems to be a sort of race-condition between udev and /sbin/usbhid-ups
I attach the result of sudo sh -c 'ls -lZ /proc/`pidof usbhid-ups`/fd' that displays selinux contexts of devices opened by usbhid-ups
Comment on attachment 447779 [details]
open fds of /sbin/usbhid-ups with contexts: result of sudo sh -c 'ls -lZ /proc/`pidof usbhid-ups`/fd'
Ooops. The context in /proc/$PID/fd are those of the symbolic links.
Here is the context of the real device:
$ ls -lZ /dev/bus/usb/004/104
crw-rw-r--. root dialout system_u:object_r:usb_device_t:s0 /dev/bus/usb/004/104
udev has a rule for my UPS device, in this file: /lib/udev/rules.d/62-nut-usbups.rules Here is the relevant line: ATTR{idVendor}=="0463", ATTR{idProduct}=="ffff", MODE="664", GROUP="dialout" Should there be here something about the SELinux context of the newly created device inode? udev-153-4.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/udev-153-4.fc13 udev-153-4.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update udev'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/udev-153-4.fc13 udev-153-4.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. I use udev-153-4.fc13.x86_64 but still have the AVCs. |