Bug 952206

Summary: [selinux] loadkeys denials
Product: [Retired] oVirt Reporter: Fabian Deutsch <fdeutsch>
Component: ovirt-nodeAssignee: Fabian Deutsch <fdeutsch>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 3.2CC: acathrow, jboggs, mburns, mgoldboi, ovirt-bugs, ovirt-maint
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovirt-node-3.0.3 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-11-28 11:57:13 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 952352    
Bug Blocks:    
Attachments:
Description Flags
complete audit.log none

Description Fabian Deutsch 2013-04-15 11:28:47 UTC 
Description of problem:
During the boot fo the installer / firstboot loadkeys related errors appear in audit.log

Version-Release number of selected component (if applicable):
Recent F18 testbuild post 2.6.1

How reproducible:
Always

Steps to Reproduce:
1. Boot into installer
2. Enter keyboard selection page
3.
  
Actual results:
Denials appear in audit.log

Expected results:


Additional info:
type=AVC msg=audit(1366024813.975:306): avc:  denied  { open } for  pid=2281 comm="loadkeys" path=2F746D702F73682D7468642D31333636303236303233202864656C6574656429 dev="tmpfs" ino=23759 scontext=system_u:system_r:loadkeys_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1366024813.975:306): arch=c000003e syscall=2 success=no exit=-13 a0=40abf4 a1=2 a2=7f01f325b27c a3=7fff1c260900 items=1 ppid=2246 pid=2281 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="loadkeys" exe="/usr/bin/loadkeys" subj=system_u:system_r:loadkeys_t:s0 key=(null)
type=CWD msg=audit(1366024813.975:306):  cwd="/"
type=PATH msg=audit(1366024813.975:306): item=0 name="/proc/self/fd/0" inode=23759 dev=00:21 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_tmp_t:s0
type=AVC msg=audit(1366024813.975:307): avc:  denied  { open } for  pid=2281 comm="loadkeys" path=2F746D702F73682D7468642D31333636303236303233202864656C6574656429 dev="tmpfs" ino=23759 scontext=system_u:system_r:loadkeys_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1366024813.975:307): arch=c000003e syscall=2 success=no exit=-13 a0=40abf4 a1=1 a2=7f01f325b27c a3=7fff1c260900 items=1 ppid=2246 pid=2281 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="loadkeys" exe="/usr/bin/loadkeys" subj=system_u:system_r:loadkeys_t:s0 key=(null)
type=CWD msg=audit(1366024813.975:307):  cwd="/"
type=PATH msg=audit(1366024813.975:307): item=0 name="/proc/self/fd/0" inode=23759 dev=00:21 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_tmp_t:s0
type=AVC msg=audit(1366024813.975:308): avc:  denied  { open } for  pid=2281 comm="loadkeys" path=2F746D702F73682D7468642D31333636303236303233202864656C6574656429 dev="tmpfs" ino=23759 scontext=system_u:system_r:loadkeys_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1366024813.975:308): arch=c000003e syscall=2 success=no exit=-13 a0=40abf4 a1=0 a2=7f01f325b27c a3=7fff1c260900 items=1 ppid=2246 pid=2281 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="loadkeys" exe="/usr/bin/loadkeys" subj=system_u:system_r:loadkeys_t:s0 key=(null)
type=CWD msg=audit(1366024813.975:308):  cwd="/"
type=PATH msg=audit(1366024813.975:308): item=0 name="/proc/self/fd/0" inode=23759 dev=00:21 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_tmp_t:s0
type=AVC msg=audit(1366024814.086:309): avc:  denied  { open } for  pid=2281 comm="loadkeys" path=2F746D702F73682D7468642D31333636303236303233202864656C6574656429 dev="tmpfs" ino=23759 scontext=system_u:system_r:loadkeys_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1366024814.086:309): arch=c000003e syscall=2 success=no exit=-13 a0=40abf4 a1=2 a2=1702570 a3=7f01f325b798 items=1 ppid=2246 pid=2281 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="loadkeys" exe="/usr/bin/loadkeys" subj=system_u:system_r:loadkeys_t:s0 key=(null)
type=CWD msg=audit(1366024814.086:309):  cwd="/"
type=PATH msg=audit(1366024814.086:309): item=0 name="/proc/self/fd/0" inode=23759 dev=00:21 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_tmp_t:s0
type=AVC msg=audit(1366024814.086:310): avc:  denied  { open } for  pid=2281 comm="loadkeys" path=2F746D702F73682D7468642D31333636303236303233202864656C6574656429 dev="tmpfs" ino=23759 scontext=system_u:system_r:loadkeys_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1366024814.086:310): arch=c000003e syscall=2 success=no exit=-13 a0=40abf4 a1=1 a2=1702570 a3=7f01f325b798 items=1 ppid=2246 pid=2281 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="loadkeys" exe="/usr/bin/loadkeys" subj=system_u:system_r:loadkeys_t:s0 key=(null)
type=CWD msg=audit(1366024814.086:310):  cwd="/"
type=PATH msg=audit(1366024814.086:310): item=0 name="/proc/self/fd/0" inode=23759 dev=00:21 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_tmp_t:s0
type=AVC msg=audit(1366024814.089:311): avc:  denied  { open } for  pid=2281 comm="loadkeys" path=2F746D702F73682D7468642D31333636303236303233202864656C6574656429 dev="tmpfs" ino=23759 scontext=system_u:system_r:loadkeys_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1366024814.089:311): arch=c000003e syscall=2 success=no exit=-13 a0=40abf4 a1=0 a2=1702570 a3=7f01f325b798 items=1 ppid=2246 pid=2281 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="loadkeys" exe="/usr/bin/loadkeys" subj=system_u:system_r:loadkeys_t:s0 key=(null)
type=CWD msg=audit(1366024814.089:311):  cwd="/"
Comment 1 Fabian Deutsch 2013-04-15 11:30:17 UTC 
Created attachment 735870 [details]
complete audit.log
Comment 2 Fabian Deutsch 2013-04-15 11:42:02 UTC 
http://gerrit.ovirt.org/#/c/13922/