Bug 117518 - Policy errors during bootup related to udev
Policy errors during bootup related to udev
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: policy (Show other bugs)
rawhide
athlon Linux
medium Severity high
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-03-04 16:54 EST by Vaclav "sHINOBI" Misek
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-03-05 08:44:16 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Vaclav "sHINOBI" Misek 2004-03-04 16:54:40 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040217

Description of problem:
avc:  denied  { read write } for  pid=776 exe=/sbin/udev
name=.udev.tdb dev=hda2 ino=4096233
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=file

avc:  denied  { lock } for  pid=776 exe=/sbin/udev
path=/udev/.udev.tdb dev=hda2 ino=4096233
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=file

avc:  denied  { getattr } for  pid=776 exe=/sbin/udev
path=/udev/.udev.tdb dev=hda2 ino=4096233
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=file

avc:  denied  { write } for  pid=776 exe=/sbin/udev name=udev dev=hda2
ino=4096796 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=dir

avc:  denied  { add_name } for  pid=776 exe=/sbin/udev name=lp0
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=dir

avc:  denied  { create } for  pid=776 exe=/sbin/udev name=lp0
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=chr_file

avc:  denied  { setattr } for  pid=776 exe=/sbin/udev name=lp0
dev=hda2 ino=4096134 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=chr_file

avc:  denied  { chown } for  pid=776 exe=/sbin/udev capability=0
scontext=system_u:system_r:hotplug_t
tcontext=system_u:system_r:hotplug_t tclass=capability

avc:  denied  { search } for  pid=776 exe=/sbin/udev name=selinux
dev=hda2 ino=4980842 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:policy_config_t tclass=dir

avc:  denied  { search } for  pid=776 exe=/sbin/udev name=src dev=hda2
ino=2081227 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:policy_src_t tclass=dir

avc:  denied  { read } for  pid=776 exe=/sbin/udev name=file_contexts
dev=hda2 ino=2163393 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:policy_src_t tclass=file

avc:  denied  { getattr } for  pid=776 exe=/sbin/udev
path=/etc/security/selinux/src/policy/file_contexts/file_contexts
dev=hda2 ino=2163393 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:policy_src_t tclass=file

avc:  denied  { search } for  pid=776 exe=/sbin/udev dev= ino=988
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:security_t tclass=dir

avc:  denied  { read write } for  pid=776 exe=/sbin/udev name=context
dev= ino=5 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:security_t tclass=file

avc:  denied  { check_context } for  pid=776 exe=/sbin/udev
scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:security_t tclass=security

avc:  denied  { relabelfrom } for  pid=776 exe=/sbin/udev name=lp0
dev=hda2 ino=4096134 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=chr_file

avc:  denied  { relabelto } for  pid=776 exe=/sbin/udev name=lp0
dev=hda2 ino=4096134 scontext=system_u:system_r:hotplug_t
tcontext=system_u:object_r:device_t tclass=chr_file

Version-Release number of selected component (if applicable):
policy-1.7-3

How reproducible:
Always

Steps to Reproduce:
1. boot machine
2.
3.
    

Expected Results:  No avc errors

Additional info:

These errors appears in all versions of policy rules up today.
I'm using Ext3 filesystem and the system is after reboot after update
to the latest policy package.
Comment 1 Daniel Walsh 2004-03-05 08:44:16 EST
We are working to clean all these up.  Please try the latest policy,
most of these should be cleaned up.  policy-1.7-4

Note You need to log in before you can comment on or make changes to this bug.