Bug 732937
Summary: | SELinux is preventing /sbin/ldconfig from 'append' accesses on the chr_file /dev/tty3. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Michal Nowak <mnowak> |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 16 | CC: | anaconda-maint-list, awilliam, dominick.grift, dwalsh, icj, jonathan, kparal, mgrepl, mikhail.v.gavrilov, ohudlick, shnurapet, vanmeeuwen+fedora |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Unspecified | ||
Whiteboard: | abrt_hash:c8b638e061c2b1576641bcb7cb98ead15cc112e148745dd56ffd1a11e469976a | ||
Fixed In Version: | selinux-policy-3.10.0-38.fc16 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-10-09 19:35:47 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Michal Nowak
2011-08-24 08:12:58 UTC
What app were you running when this happened these are clearly leaks. lvm? (In reply to comment #1) > What app were you running when this happened these are clearly leaks. No idea... > lvm? Not intentionally. I was just exploring F16's GNOME Shell experience. Ok well unless you can get it to happen again and figure out which app causes it, there is not much we can do. I would figure it was some kind of control app. I hit this during a live install of F16 (using a personal build with various pre-Beta RC2 builds in it). I'll re-open if it turns out to consistently happen during Beta rC2 live installs. I hit this when doing a default install of Fedora 16 Beta RC3 x86_64 Live. The notification popped up at the end of the installation (around bootloader installation). It very well could be leaks from the installation program. I've seen in again, when installing on bare metal from Live image. It seems like easily reproducible. What should I do to help debug this? It is probably something anaconda is leaking, although the append to tty_device_t might be intentional. I added a couple of dontaudit rules to stop ldconfig_t from complaining, although these will not cause anything to break. Should be in selinux-policy-3.10.0-35.fc16 This could be anaconda's logging code: pyanaconda/isys/log.c: main_log_tty = fopen("/dev/tty3", "a"); I'm afraid I don't know enough about the problem space here to know what's wrong or how to fix it. Got any pointers? Chris you are not doing anything wrong, I think we should just dontaudit these access. The lvm_control is the one I would like to see fixed. Outputting to a tty is expected. selinux-policy-3.10.0-36.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/selinux-policy-3.10.0-36.fc16 Package selinux-policy-3.10.0-36.fc16: * should fix your issue, * was pushed to the Fedora 16 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.10.0-36.fc16' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/selinux-policy-3.10.0-36.fc16 then log in and leave karma (feedback). selinux-policy-3.10.0-38.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. |