Bug 117518 - Policy errors during bootup related to udev
Summary: Policy errors during bootup related to udev
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: policy (Show other bugs)
(Show other bugs)
Version: rawhide
Hardware: athlon Linux
medium
high
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-03-04 21:54 UTC by Vaclav "sHINOBI" Misek
Modified: 2007-11-30 22:10 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-03-05 13:44:16 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Vaclav "sHINOBI" Misek 2004-03-04 21:54:40 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040217

Description of problem:
avc:  denied  { read write } for  pid=776 exe=/sbin/udev
name=.udev.tdb dev=hda2 ino=4096233
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=file

avc:  denied  { lock } for  pid=776 exe=/sbin/udev
path=/udev/.udev.tdb dev=hda2 ino=4096233
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=file

avc:  denied  { getattr } for  pid=776 exe=/sbin/udev
path=/udev/.udev.tdb dev=hda2 ino=4096233
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=file

avc:  denied  { write } for  pid=776 exe=/sbin/udev name=udev dev=hda2
ino=4096796 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=dir

avc:  denied  { add_name } for  pid=776 exe=/sbin/udev name=lp0
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=dir

avc:  denied  { create } for  pid=776 exe=/sbin/udev name=lp0
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=chr_file

avc:  denied  { setattr } for  pid=776 exe=/sbin/udev name=lp0
dev=hda2 ino=4096134 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=chr_file

avc:  denied  { chown } for  pid=776 exe=/sbin/udev capability=0
scontext=system_u:system_r:hotplug_t
tcontext=system_u:system_r:hotplug_t tclass=capability

avc:  denied  { search } for  pid=776 exe=/sbin/udev name=selinux
dev=hda2 ino=4980842 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:policy_config_t tclass=dir

avc:  denied  { search } for  pid=776 exe=/sbin/udev name=src dev=hda2
ino=2081227 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:policy_src_t tclass=dir

avc:  denied  { read } for  pid=776 exe=/sbin/udev name=file_contexts
dev=hda2 ino=2163393 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:policy_src_t tclass=file

avc:  denied  { getattr } for  pid=776 exe=/sbin/udev
path=/etc/security/selinux/src/policy/file_contexts/file_contexts
dev=hda2 ino=2163393 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:policy_src_t tclass=file

avc:  denied  { search } for  pid=776 exe=/sbin/udev dev= ino=988
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:security_t tclass=dir

avc:  denied  { read write } for  pid=776 exe=/sbin/udev name=context
dev= ino=5 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:security_t tclass=file

avc:  denied  { check_context } for  pid=776 exe=/sbin/udev
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:security_t tclass=security

avc:  denied  { relabelfrom } for  pid=776 exe=/sbin/udev name=lp0
dev=hda2 ino=4096134 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=chr_file

avc:  denied  { relabelto } for  pid=776 exe=/sbin/udev name=lp0
dev=hda2 ino=4096134 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=chr_file

Version-Release number of selected component (if applicable):
policy-1.7-3

How reproducible:
Always

Steps to Reproduce:
1. boot machine
2.
3.
    

Expected Results:  No avc errors

Additional info:

These errors appears in all versions of policy rules up today.
I'm using Ext3 filesystem and the system is after reboot after update
to the latest policy package.

Comment 1 Daniel Walsh 2004-03-05 13:44:16 UTC
We are working to clean all these up.  Please try the latest policy,
most of these should be cleaned up.  policy-1.7-4


Note You need to log in before you can comment on or make changes to this bug.