145498 – kudzu_t cannot read modprobe.conf

Bug 145498 - kudzu_t cannot read modprobe.conf

Summary: kudzu_t cannot read modprobe.conf

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy-strict
Sub Component:
Version:	rawhide
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Daniel Walsh
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-01-18 23:12 UTC by Ivan Gyurdiev
Modified:	2007-11-30 22:10 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2005-01-21 19:29:23 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Ivan Gyurdiev 2005-01-18 23:12:28 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041228 Firefox/1.0 Fedora/1.0-8

Description of problem:
audit(1106062935.759:0): avc:  denied  { read } for  pid=1213
exe=/sbin/kmodule name=modprobe.conf dev=dm-0 ino=827428
scontext=system_u:system_r:kudzu_t tcontext=root:object_r:sysadm_tmp_t
tclass=file

(enforcing mode)

Version-Release number of selected component (if applicable):
selinux-policy-strict-1.21.1-1

How reproducible:
Didn't try

Steps to Reproduce:
 

Additional info:

Comment 1 Ivan Gyurdiev 2005-01-20 18:35:36 UTC

Confirming on selinux-policy-strict-1.21.2-2 in enforcing mode.

Comment 2 Daniel Walsh 2005-01-21 19:29:23 UTC

Did you create the modprobe.conf file by hand in the /tmp dirctory and then move
it back to /etc?

If yes you need to do a restorecon /etc/modprobe.conf

Comment 3 Ivan Gyurdiev 2005-01-22 08:42:04 UTC

I did no such thing. I would have expected the full relabel
that took place when switching to strict to have taken care of any such issues.

Note You need to log in before you can comment on or make changes to this bug.