From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050513 Fedora/1.0.4-1.3.1 StumbleUpon/1.9993 Firefox/1.0.4 Description of problem: I have FC4T3 synced up to the latest dev changes (5/15/05). I'm having trouble with getting acpi actions to work with SElinux enabled. I made a lid event in /etc/acpi/events that invokes a sleep script in /etc/acpi/actions/sleep.sh. The sleep script does a touch /tmp/suspend and then 'echo mem> /sys/power/state'. I set the context to system_u:object_r:etc_t, same as the /etc/acpi/events/sample.conf. When I close the lid the system doesn't suspend. The /var/logs/acpid says that 'touch: cannot touch '/tmp/suspended': Permission denied' and /etc/acpi/actions/sleep.sh: line 5: /sys/power/state: Permission denied'. The /var/logs/audit/audit.log say 'type=(null) msg=(null)' about 20 times, but no other info. If I setenforce 0 and close the lid then all works fine. Version-Release number of selected component (if applicable): acpid-1.0.4-1 How reproducible: Always Steps to Reproduce: 1.install sleep.sh action script into /etc/acpi/actions 2.set up lid event to invoke sleep.sh 3.close lid Actual Results: Computer doesn't suspend because permission is denied Expected Results: echo to /sys/power/state should succeed and the sustem should suspend Additional info:
Uli - weren't you seeing this as well? Dan - I'm assuming this needs fixed in policy, not in acpid itself.
acpi is now allowed to write to /sys/power Fixed in latest policy selinux-policy-targeted-1.23.15-5