Bug 121916 - cd device denied for playing cd as normal user
cd device denied for playing cd as normal user
Product: Fedora
Classification: Fedora
Component: policy (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2004-04-28 21:30 EDT by Andrew Farris
Modified: 2007-11-30 17:10 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-11-30 14:06:55 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Andrew Farris 2004-04-28 21:30:37 EDT
Description of problem:
A normal user is not permitted to play a cd due to incorrect device
context.  The default policy labels the cd device (/dev/hdc in my
case) as fixed_disk_devict_t.  When the device is relabeled as
removable_device_t the cd can be played.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. install default policy
2. fixfiles relabel
3. play cd as normal user (cdp or cdplay)

Actual results:
playing cd is denied with this audit:
Apr 26 15:09:24 CirithUngol kernel: audit(1083017364.035:0): avc:
denied  { ioctl } for  pid=10129 exe=/usr/bin/cdp path=/dev/hdc dev=hdb8
ino=66203 scontext=user_u:user_r:user_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file

Expected results:
playing of the cd would be permitted

Additional info:
See the URL for mailing list discussion.
Comment 1 Daniel Walsh 2004-09-15 13:11:15 EDT
Latest policy and udev changes should create the cdrom device with the
correct context.


Note You need to log in before you can comment on or make changes to this bug.