Red Hat Bugzilla – Bug 120436
selinux avc: denied errors on shutdown and/or reboot
Last modified: 2014-03-16 22:44:04 EDT
Description of problem:apmd is denied getattr and read access to files
and links during shutdown and reboot.
Version-Release number of selected component (if
How reproducible:Selinux is in permissive mode, happens every time I
shutdown or reboot.
Steps to Reproduce:
1.Log out of X
2.choose "reboot" or "shutdown" from graphical login screen
3.Go for it
Actual results:Lots of avc: denied errors on screen, then
shutdown/reboot proceeds normally.
Expected results:Hopefully, a selinux policy that will allow me to use
Created attachment 99246 [details]
cat /var/log/messages | grep avc (from the last shutdown)
I ran audit2allow -d on this, but am still clueless on how to rewrite policy.
Is there a good reference for audit2allow? I don't find much on it.
Odd, not sure why killall is getting run from that context.
I think this is the pidof call that is causing this?
Created attachment 99443 [details]
cat /var/log/messages | grep avc
i also started getting these messages after updating some packages.
however, now i cannot log in as anyone but root. logging in as anyone
else spits me back out to the login screen. before updating the
packages , everything was fine. i'll post a list what i updated
Created attachment 99444 [details]
rpm -qa --last > install_history.txt (edited file for recently updated packages)
kernel_t implies your policy and/or labelling is screwed up.
Does this persist with current trees?
I simply turned off apmd in chkconfig. I don't really need it.
I have seen this on two different fc2 machines (one laptop and one
desktop) both were upgrades from fc1 but I have two other fc2
machines to don't show these symptoms..
Please test with FC3 test.
Closing, no response.