Bug 120436 - selinux avc: denied errors on shutdown and/or reboot
Keywords:
Status: CLOSED WORKSFORME
Alias: None
Product: Fedora
Classification: Fedora
Component: apmd
Version: rawhide
Hardware: i686
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Bill Nottingham
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: FC4Target
Reported: 2004-04-08 19:40 UTC by Lynda Sweetman
Modified: 2014-03-17 02:44 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-02-02 22:59:44 UTC
Type: ---
Embargoed:


Attachments
cat /var/log/messages | grep avc (from the last shutdown) (5.79 KB, text/plain)
2004-04-08 19:49 UTC, Lynda Sweetman
cat /var/log/messages | grep avc (30.31 KB, text/plain)
2004-04-15 12:30 UTC, scott white
rpm -qa --last > install_history.txt (edited file for recently updated packages) (8.53 KB, text/plain)
2004-04-15 12:42 UTC, scott white

Description Lynda Sweetman 2004-04-08 19:40:29 UTC
Description of problem: apmd is denied getattr and read access to files
and links during shutdown and reboot.

Version-Release number of selected component (if applicable):
policy-1.10.1-4; policy-sources-1.10.1-4; libselinux-1.10-2;
apmd-3.0.2-21.

How reproducible: SELinux is in permissive mode, happens every time I
shut down or reboot.

Steps to Reproduce:
1. Log out of X
2. Choose "reboot" or "shutdown" from graphical login screen
3. Go for it

Actual results: Lots of avc: denied errors on screen, then
shutdown/reboot proceeds normally.

Expected results: Hopefully, an SELinux policy that will allow me to use
enforcing mode.


Additional info:

Comment 1 Lynda Sweetman 2004-04-08 19:49:06 UTC
Created attachment 99246
cat /var/log/messages | grep avc (from the last shutdown)

I ran audit2allow -d on this, but am still clueless on how to rewrite policy.
Is there a good reference for audit2allow? I don't find much on it.

Comment 2 Bill Nottingham 2004-04-08 20:01:40 UTC
Odd, not sure why killall is getting run from that context.


Comment 3 Daniel Walsh 2004-04-08 20:18:39 UTC
I think this is the pidof call that is causing this?


Dan

Comment 4 scott white 2004-04-15 12:30:25 UTC
Created attachment 99443
cat /var/log/messages | grep avc

Comment 5 scott white 2004-04-15 12:40:17 UTC
I also started getting these messages after updating some packages.
However, now I cannot log in as anyone but root. Logging in as anyone
else spits me back out to the login screen. Before updating the
packages, everything was fine. I'll post a list of what I updated.

scott

Comment 6 scott white 2004-04-15 12:42:24 UTC
Created attachment 99444
rpm -qa --last > install_history.txt (edited file for recently updated packages)

Comment 7 Bill Nottingham 2004-04-15 18:36:11 UTC
kernel_t implies your policy and/or labelling is screwed up.
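
The grouping that audit2allow performs on `avc: denied` lines, as an added Python example that is not from this thread or from the audit2allow source. The log lines are constructed (the attachments are not reproduced here), and holding back rules that involve `kernel_t` is an assumption based on Comment 7.

```python
import re
from collections import defaultdict

# Constructed sample in the syslog AVC format of that era; not taken from the attachments.
SAMPLE_LOG = """\
Apr  8 19:38:01 host kernel: audit(1081453081.100:0): avc:  denied  { getattr } for  pid=2301 exe=/sbin/killall5 path=/proc/1 dev= ino=65538 scontext=system_u:system_r:apmd_t tcontext=system_u:system_r:init_t tclass=dir
Apr  8 19:38:01 host kernel: audit(1081453081.101:0): avc:  denied  { read } for  pid=2301 exe=/sbin/killall5 name=stat dev= ino=65549 scontext=system_u:system_r:apmd_t tcontext=system_u:system_r:init_t tclass=file
Apr  8 19:38:01 host kernel: audit(1081453081.102:0): avc:  denied  { getattr } for  pid=2301 exe=/sbin/killall5 path=/proc/1/stat dev= ino=65549 scontext=system_u:system_r:apmd_t tcontext=system_u:system_r:init_t tclass=file
Apr  8 19:38:01 host kernel: audit(1081453081.103:0): avc:  denied  { read } for  pid=2301 exe=/sbin/killall5 name=exe dev= ino=65547 scontext=system_u:system_r:apmd_t tcontext=system_u:system_r:init_t tclass=lnk_file
Apr  8 19:38:02 host kernel: audit(1081453082.200:0): avc:  denied  { read } for  pid=2310 exe=/bin/bash name=profile dev=hda2 ino=4711 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:etc_t tclass=file
Apr  8 19:38:03 host shutdown: shutting down for system reboot
"""

CTX = r"[^:\s]+:[^:\s]+:(?P<{}>[^:\s]+)\S*"  # user:role:type[:level], capture the type
AVC_RE = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?scontext=" + CTX.format("stype")
    + r"\s+tcontext=" + CTX.format("ttype") + r"\s+tclass=(?P<tclass>\S+)"
)

SUSPECT = {"kernel_t"}  # assumption from Comment 7: points at policy/labelling, not a missing rule


def parse_denials(log_text):
    """Group AVC denials as {(source_type, target_type, class): {perms}}."""
    grouped = defaultdict(set)
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if m:  # non-AVC and malformed lines are skipped
            grouped[(m["stype"], m["ttype"], m["tclass"])].update(m["perms"].split())
    return dict(grouped)


def triage(grouped):
    """Return (candidate allow rules, rules held back until labelling is checked)."""
    allow, held = [], []
    for (s, t, c), perms in sorted(grouped.items()):
        p = sorted(perms)
        rule = f"allow {s} {t}:{c} " + (p[0] if len(p) == 1 else "{ " + " ".join(p) + " }") + ";"
        (held if {s, t} & SUSPECT else allow).append(rule)
    return allow, held


if __name__ == "__main__":
    allow, held = triage(parse_denials(SAMPLE_LOG))
    print("\n".join(allow))
    print("# check labelling and policy load before adding:", *held, sep="\n# ")
```

Candidate rules are a starting point for review: each one grants the denied access permanently, so confirm the domain actually needs it before adding it to policy.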

Comment 8 Bill Nottingham 2004-05-04 05:13:35 UTC
Does this persist with current trees?

Comment 9 Lynda Sweetman 2004-05-04 10:02:57 UTC
I simply turned off apmd in chkconfig. I don't really need it.

Comment 10 Net Nut 2004-07-16 17:38:14 UTC
I have seen this on two different FC2 machines (one laptop and one
desktop); both were upgrades from FC1, but I have two other FC2
machines that don't show these symptoms.

Comment 11 Bill Nottingham 2004-10-13 04:18:18 UTC
Please test with FC3 test.

Comment 12 Bill Nottingham 2005-02-02 22:59:44 UTC
Closing, no response. 

