Bug 671067
Summary: | SELinux is preventing /bin/loadkeys from 'open' accesses on the fifo_file Unknown. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Mark Harig <tpeplt> |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 14 | CC: | dwalsh, mgrepl |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | setroubleshoot_trace_hash:8112a20dbdad1edcfc642f1504ee28704de0c6932e4d4853fc409276fdb4779d | ||
Fixed In Version: | selinux-policy-3.9.7-28.fc14 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-02-03 20:26:03 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Mark Harig
2011-01-20 06:47:24 UTC
Please let me know if there is more information that I can provide. Could you add output of # ps -eZ | grep initrc What application were you running when this happened? Could be something started by dbus? (In reply to comment #2) > Could you add output of > > # ps -eZ | grep initrc $ ps -eZ|grep initrc system_u:system_r:initrc_t:s0 1020 ? 00:00:00 system-setup-ke (In reply to comment #3) > What application were you running when this happened? Could be something > started by dbus? This occurred shortly after I logged onto Gnome. I have a Gnome terminal in my Start-up applications, so it had been started automatically (running a bash session). /bin/loadkeys is included in my /etc/rc.local, so it is run automatically during the booting process. I have been using this for several years across multiple Fedora releases, only modifying the keyboard map file that I use. There is no problems, it looks like we need policy for system-setup-keyboard. This avc is reporting that load_keys was opening a fifo_file connection to system-setup-keyboard. I added this policy to Rawhide sometime ago. I will backport it to F14. Fixed in selinux-policy-3.9.7-26.fc14 (In reply to comment #8) > Fixed in selinux-policy-3.9.7-26.fc14 Thank you. I have selinux-policy-3.9.7-25 installed. I will check for this fix when the next update is available. I am assuming that this change will automatically override the local policy that I installed. Is this assumption correct? Well it will just add the same allow rules again. After you udpate you should remove your local customizations, to see if they are in the base package. selinux-policy-3.9.7-28.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/selinux-policy-3.9.7-28.fc14 selinux-policy-3.9.7-28.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/selinux-policy-3.9.7-28.fc14 selinux-policy-3.9.7-28.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report. (In reply to comment #10) > Well it will just add the same allow rules again. After you udpate you should > remove your local customizations, to see if they are in the base package. $ sudo semodule -l |grep mypol mypol 1.0 $ sudo semodule -r mypol $ sudo semodule -l |grep mypol After installing 'selinux-policy-3.9.7-28' from the updates-testing repository and rebooting, the problem originally reported no longer occurs. Great. Thank you. |