Bug 158965 - Automatic ADSL connection during boot fails because of selinux
Automatic ADSL connection during boot fails because of selinux
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: rp-pppoe (Show other bugs)
rawhide
i386 Linux
medium Severity low
: ---
: ---
Assigned To: Ngo Than
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-05-27 03:26 EDT by Andreas Simon
Modified: 2007-11-30 17:11 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-06-26 04:57:39 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Andreas Simon 2005-05-27 03:26:08 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4

Description of problem:
I configured ADSL to connect during boot. This fails because of selinux errors.

Activating the connection with the system-config-network GUI or activating it with "system-config-network-cmd -a xDSL" via the command line after the system is booted works without problems.

It's just the automatic start during boot which fails.

Version-Release number of selected component (if applicable):
rp-pppoe-3.5-27

How reproducible:
Always

Steps to Reproduce:
1. Configure an ADSL (xDSL) connection with system-config-network.
2. Choose "Activate device when computer starts" for this network device
3. Boot
  

Actual Results:  During the boot there is a long timeout when the system tries to start the ADSL connection. Then [fail] is printed.

Expected Results:  Activate the ADSL connection.

Additional info:

Here are the related messages from /var/log/messages:

May 27 08:24:59 obsidian kernel: ip_tables: (C) 2000-2002 Netfilter core team
May 27 08:24:59 obsidian kernel: ip_conntrack version 2.1 (4095 buckets, 32760 max) - 272 bytes per conntrack
May 27 08:24:59 obsidian kernel: eth0: link up, 10Mbps, half-duplex, lpa 0x0021
May 27 08:24:59 obsidian kernel: CSLIP: code copyright 1989 Regents of the University of California
May 27 08:24:59 obsidian kernel: PPP generic driver version 2.4.2
May 27 08:24:59 obsidian kernel: audit(1117175032.481:3): avc:  denied  { read } for  pid=1839 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175032.481:4): avc:  denied  { read } for  pid=1839 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175032.481:5): avc:  denied  { read } for  pid=1839 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175037.513:6): avc:  denied  { read } for  pid=1857 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
...
...
...
May 27 08:24:59 obsidian kernel: audit(1117175097.783:42): avc:  denied  { read } for  pid=1994 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175097.783:43): avc:  denied  { read } for  pid=1994 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:24:59 obsidian kernel: audit(1117175097.783:44): avc:  denied  { read } for  pid=1994 comm="sh" name=pppoe dev=dm-0 ino=1318377 scontext=system_u:system_r:pppd_t tcontext=system_u:object_r:sbin_t tclass=lnk_file
May 27 08:25:01 obsidian kernel: parport: PnPBIOS parport detected.
May 27 08:25:01 obsidian kernel: parport0: PC-style at 0x378 (0x778), irq 7 [PCSPP,TRISTATE]
May 27 08:25:01 obsidian kernel: lp0: using parport0 (interrupt-driven).
May 27 08:25:01 obsidian kernel: lp0: console ready


The '...' means that the audit message is repeated many times, just with different pids.

Device "dm-0" (/dev/dm-0) is my root partition, a ext3 filesystem residing on a LVM volume (/dev/main_vg/root_lv).

Other info which maybe interesting:
# ls -li /usr/sbin/pppoe
1318377 lrwxrwxrwx  1 root root 16 May 26 13:36 /usr/sbin/pppoe -> ../../sbin/pppoe
# ls -li /sbin/pppoe
622697 -rwxr-xr-x  1 root root 32424 Mar  7 18:32 /sbin/pppoe
# ls -Z /sbin/pppoe
-rwxr-xr-x  root     root     system_u:object_r:sbin_t         /sbin/pppoe


Here the package versions:
selinux-policy-targeted-1.23.16-6
rp-pppoe-3.5-27
Comment 1 Daniel Walsh 2005-05-29 06:58:50 EDT
Fixed in selinux-policy-*1.23.17-4

Note You need to log in before you can comment on or make changes to this bug.