Bug 120452 - Unable to updates scores in glines (possibly for all gnome-games)
Summary: Unable to updates scores in glines (possibly for all gnome-games)
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: policy   
(Show other bugs)
Version: rawhide
Hardware: i386
OS: Linux
medium
low
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-04-08 21:18 UTC by Fred New
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-04-21 11:42:58 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
/var/log/messages (836.10 KB, text/plain)
2004-04-10 19:31 UTC, Fred New
no flags Details
/var/log/messages (6.95 KB, text/plain)
2004-04-13 17:59 UTC, Fred New
no flags Details

Description Fred New 2004-04-08 21:18:48 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6)
Gecko/20040207 Firefox/0.8

Description of problem:
The glines game is unable to update its scores file,
/var/lib/games/glines.scores

Version-Release number of selected component (if applicable):
policy-1.10.1-4
gnome-games-2.6.0.1-1

How reproducible:
Always

Steps to Reproduce:
1. Gnome main menu -> games -> lines
2. Play to the end of a game.  (Go ahead, relax a little.)

Actual Results:  No best-scores window opens. Your score is not saved.
The following messages appear in /var/log/messages:
Apr  8 23:54:01 kuldar kernel: audit(1081457641.538:0): avc:  denied 
{ write } for  pid=2040 exe=/usr/bin/glines name=glines.scores
dev=hda3 ino=577368 scontext=user_u:user_r:user_t
tcontext=system_u:object_r:var_lib_t tclass=file
Apr  8 23:54:01 kuldar kernel: audit(1081457641.539:0): avc:  denied 
{ write } for  pid=2040 exe=/usr/bin/glines name=glines.scores
dev=hda3 ino=577368 scontext=user_u:user_r:user_t
tcontext=system_u:object_r:var_lib_t tclass=file

Expected Results:  A best-scores window opens with your score added to
it.  This assumes that you have achieved a top score.  A top score is
not difficult after a freshly installing Fedora Core.

Additional info:

Heh heh. After committing this bug, I promise to go out there and find
a real bug.

Comment 1 Fred New 2004-04-10 19:31:35 UTC
Created attachment 99301 [details]
/var/log/messages

Comment 2 Fred New 2004-04-10 19:34:24 UTC
With
  policy-1.10.2-4
  kernel-2.6.5-1.315
I am unable to run glines at all.  The above /var/log/messages gives
details.

Comment 3 Daniel Walsh 2004-04-12 15:35:36 UTC
Try policy-1.11.1

You need to relabel /usr/games after installing the policy

setfiles /etc/security/selinux/file_contexts /usr/games



Comment 4 Fred New 2004-04-13 17:59:00 UTC
Created attachment 99372 [details]
/var/log/messages

Current policy = policy-1.11.1-2.  I am still unable to start glines.  The
attached are the related messages for starting glines with setenforce 0, as you
can see.  I haven't tried playing to completion of a game, yet.

I installed the new policy, tried the relabel you suggested, then tried a full
fixfiles relabel followed by a reboot.

Comment 5 Fred New 2004-04-14 21:29:02 UTC
With policy-1.11.2-3 I am again able to start glines, but I am still
unable to update /var/lib/games/glines.scores at the end of the game.
The following message appears in /var/log/messages (setenforce 0):

Apr 15 00:24:50 kuldar kernel: audit(1081977890.376:0): avc:  denied 
{ write } for  pid=1752 exe=/usr/bin/glines name=glines.scores
dev=hda3 ino=577368 scontext=user_u:user_r:user_games_t
tcontext=system_u:object_r:games_exec_t tclass=file

Comment 6 Daniel Walsh 2004-04-14 22:20:33 UTC
/var/lib/games has wrong context

chcon -r -t games_data_t /var/lib/games

Fixed in policy-1.11.2-4


Comment 7 Fred New 2004-04-20 21:04:26 UTC
Confirmed fixed in policy-1.11.2-9.


Note You need to log in before you can comment on or make changes to this bug.