Bug 120436 - selinux avc: denied errors on shutdown and/or reboot
selinux avc: denied errors on shutdown and/or reboot
Product: Fedora
Classification: Fedora
Component: apmd (Show other bugs)
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Bill Nottingham
: SELinux
Depends On:
Blocks: FC4Target
  Show dependency treegraph
Reported: 2004-04-08 15:40 EDT by Lynda Sweetman
Modified: 2014-03-16 22:44 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-02-02 17:59:44 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
cat /var/log/messages | grep avc (from the last shutdown) (5.79 KB, text/plain)
2004-04-08 15:49 EDT, Lynda Sweetman
no flags Details
cat /var/log/messages | grep avc (30.31 KB, text/plain)
2004-04-15 08:30 EDT, scott white
no flags Details
rpm -qa --last > install_history.txt (edited file for recently updated packages) (8.53 KB, text/plain)
2004-04-15 08:42 EDT, scott white
no flags Details

  None (edit)
Description Lynda Sweetman 2004-04-08 15:40:29 EDT
Description of problem:apmd is denied getattr and read access to files
and links during shutdown and reboot. 

Version-Release number of selected component (if

How reproducible:Selinux is in permissive mode, happens every time I
shutdown or reboot.

Steps to Reproduce:
1.Log out of X
2.choose "reboot" or "shutdown" from graphical login screen
3.Go for it
Actual results:Lots of avc: denied errors on screen, then
shutdown/reboot proceeds normally.

Expected results:Hopefully, a selinux policy that will allow me to use
enforcing mode.

Additional info:
Comment 1 Lynda Sweetman 2004-04-08 15:49:06 EDT
Created attachment 99246 [details]
cat /var/log/messages | grep avc (from the last shutdown)

I ran audit2allow -d on this, but am still clueless on how to rewrite policy.
Is there a good reference for audit2allow? I don't find much on it.
Comment 2 Bill Nottingham 2004-04-08 16:01:40 EDT
Odd, not sure why killall is getting run from that context.
Comment 3 Daniel Walsh 2004-04-08 16:18:39 EDT
I think this is the pidof call that is causing this?

Comment 4 scott white 2004-04-15 08:30:25 EDT
Created attachment 99443 [details]
cat /var/log/messages | grep avc
Comment 5 scott white 2004-04-15 08:40:17 EDT
i also started getting these messages after updating some packages.
however, now i cannot log in as anyone but root. logging in as anyone
else spits me back out to the login screen. before updating the
packages , everything was fine. i'll post a list what i updated

Comment 6 scott white 2004-04-15 08:42:24 EDT
Created attachment 99444 [details]
rpm -qa --last > install_history.txt (edited file for recently updated packages)
Comment 7 Bill Nottingham 2004-04-15 14:36:11 EDT
kernel_t implies your policy and/or labelling is screwed up.
Comment 8 Bill Nottingham 2004-05-04 01:13:35 EDT
Does this persist with current trees?
Comment 9 Lynda Sweetman 2004-05-04 06:02:57 EDT
I simply turned off apmd in chkconfig. I don't really need it.
Comment 10 Net Nut 2004-07-16 13:38:14 EDT
I have seen this on two different fc2 machines (one laptop and one
desktop) both were upgrades from fc1  but I have two other fc2
machines to don't show these symptoms.. 
Comment 11 Bill Nottingham 2004-10-13 00:18:18 EDT
Please test with FC3 test.
Comment 12 Bill Nottingham 2005-02-02 17:59:44 EST
Closing, no response. 

Note You need to log in before you can comment on or make changes to this bug.