Description of problem: Certain apps fail to write their output to the tty. Version-Release number of selected component (if applicable): policy-1.6-6 How reproducible: Every time Steps to Reproduce: 1. locate libplain.la Actual results: # locate libplain.la savc: denied { read write } for pid=50001 exe=/usr/bin/slocate path=/dev/tty dev=hda3 ino=450519 scontext=root:system-r:locate_t tcontext=root:object_r:sysadm_tty_device_t tclass=chr_file Expected results: # locate libplain.la /usr/lib64/sasl2/libplain.la
Fixed in latest policy. policy-1.9.1-2
fix verified in policy-1.9.2-11: allow locate_t { userpty_type { sysadm_tty_device_t sysadm_devpts_t } }:chr_file { ioctl read getattr lock write append };