Bug 145498 - kudzu_t cannot read modprobe.conf
Summary: kudzu_t cannot read modprobe.conf
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-strict
Version: rawhide
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-01-18 23:12 UTC by Ivan Gyurdiev
Modified: 2007-11-30 22:10 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2005-01-21 19:29:23 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Ivan Gyurdiev 2005-01-18 23:12:28 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041228 Firefox/1.0 Fedora/1.0-8

Description of problem:
audit(1106062935.759:0): avc:  denied  { read } for  pid=1213
exe=/sbin/kmodule name=modprobe.conf dev=dm-0 ino=827428
scontext=system_u:system_r:kudzu_t tcontext=root:object_r:sysadm_tmp_t
tclass=file

(enforcing mode)

Version-Release number of selected component (if applicable):
selinux-policy-strict-1.21.1-1

How reproducible:
Didn't try

Steps to Reproduce:
 

Additional info:

Comment 1 Ivan Gyurdiev 2005-01-20 18:35:36 UTC
Confirming on selinux-policy-strict-1.21.2-2 in enforcing mode.


Comment 2 Daniel Walsh 2005-01-21 19:29:23 UTC
Did you create the modprobe.conf file by hand in the /tmp dirctory and then move
it back to /etc?

If yes you need to do a restorecon /etc/modprobe.conf

Comment 3 Ivan Gyurdiev 2005-01-22 08:42:04 UTC
I did no such thing. I would have expected the full relabel
that took place when switching to strict to have taken care of any such issues.


Note You need to log in before you can comment on or make changes to this bug.