| Summary: | devicekit avcs after resume | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Klaus Lichtenwalder <klic> | ||||
| Component: | selinux-policy-targeted | Assignee: | Miroslav Grepl <mgrepl> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Ben Levenson <benl> | ||||
| Severity: | low | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 16 | CC: | dwalsh | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | i686 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2011-09-12 12:44:35 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Attachments: |
|
||||||
Fixed in selinux-policy-3.10.0-25.fc16 THe insmod_t one is a leaked file descriptor from upowerd. yum update selinux-policy --enablerepo=updates-testing Works for me, thanks! Could you update karma. Thank you. Sorry, forgot URL and hoped you would post it, but found it again ;-) |
Created attachment 521514 [details] raw avc messages Description of problem: After resuming, I get the following denials #============= devicekit_power_t ============== allow devicekit_power_t xserver_port_t:tcp_socket name_connect; allow devicekit_power_t xserver_t:unix_stream_socket connectto; #============= insmod_t ============== allow insmod_t devicekit_var_run_t:file read; Version-Release number of selected component (if applicable): selinux-policy-targeted-3.10.0-21.fc16.noarch selinux-policy-3.10.0-21.fc16.noarch