Description of problem:apmd is denied getattr and read access to files and links during shutdown and reboot. Version-Release number of selected component (if applicable):policy-1.10.1-4;policy-sources-1.10.1-4;libselinux-1.10-2; apmd-3.0.2-21. How reproducible:Selinux is in permissive mode, happens every time I shutdown or reboot. Steps to Reproduce: 1.Log out of X 2.choose "reboot" or "shutdown" from graphical login screen 3.Go for it Actual results:Lots of avc: denied errors on screen, then shutdown/reboot proceeds normally. Expected results:Hopefully, a selinux policy that will allow me to use enforcing mode. Additional info:
Created attachment 99246 [details] cat /var/log/messages | grep avc (from the last shutdown) I ran audit2allow -d on this, but am still clueless on how to rewrite policy. Is there a good reference for audit2allow? I don't find much on it.
Odd, not sure why killall is getting run from that context.
I think this is the pidof call that is causing this? Dan
Created attachment 99443 [details] cat /var/log/messages | grep avc
i also started getting these messages after updating some packages. however, now i cannot log in as anyone but root. logging in as anyone else spits me back out to the login screen. before updating the packages , everything was fine. i'll post a list what i updated scott
Created attachment 99444 [details] rpm -qa --last > install_history.txt (edited file for recently updated packages)
kernel_t implies your policy and/or labelling is screwed up.
Does this persist with current trees?
I simply turned off apmd in chkconfig. I don't really need it.
I have seen this on two different fc2 machines (one laptop and one desktop) both were upgrades from fc1 but I have two other fc2 machines to don't show these symptoms..
Please test with FC3 test.
Closing, no response.