From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; fr; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4 Description of problem: When the system try to activate the prism54 card at boot, it fails with this in dmesg : eth0: uploading firmware... audit(1118835134.219:31): avc: denied { write } for pid=1910 comm="firmware.agent" name=loading dev=sysfs ino=6188 scontext=system_u:system_r:hotplug_t tcontext=system_u:object_r:sysfs_t tclass=file audit(1118835134.219:32): avc: denied { write } for pid=1910 comm="firmware.agent" name=loading dev=sysfs ino=6188 scontext=system_u:system_r:hotplug_t tcontext=system_u:object_r:sysfs_t tclass=file audit(1118835134.219:33): avc: denied { search } for pid=1912 comm="cp" name=selinux dev=dm-0 ino=27656630 scontext=system_u:system_r:hotplug_t tcontext=system_u:object_r:selinux_config_t tclass=dir audit(1118835134.220:34): avc: denied { write } for pid=1912 comm="cp" name=data dev=sysfs ino=6193 scontext=system_u:system_r:hotplug_t tcontext=system_u:object_r:sysfs_t tclass=file audit(1118835134.220:35): avc: denied { write } for pid=1910 comm="firmware.agent" name=loading dev=sysfs ino=6188 scontext=system_u:system_r:hotplug_t tcontext=system_u:object_r:sysfs_t tclass=file audit(1118835134.220:36): avc: denied { write } for pid=1910 comm="firmware.agent" name=loading dev=sysfs ino=6188 scontext=system_u:system_r:hotplug_t tcontext=system_u:object_r:sysfs_t tclass=file prism54: request_firmware() failed for 'isl3890' eth0: could not upload firmware ('isl3890') eth0: islpci_reset: failure The card can be activated without any problem during a session and the isl3890 file is in /lib/firmware If i disable selinux, the card is activated at boot time. Version-Release number of selected component (if applicable): kernel-2.6.11-1.1369_FC4 How reproducible: Always Steps to Reproduce: 1.Reboot the system 2.the system can't activate the wireless card at bootup 3. Additional info:
In fact if i activate selinux but disable enforcing application the prism54 wireless card is activated at boot
Fixed in selinux-policy-targeted-1.23.18-12
i still have problem to enable enforcing mode and enable the prism54 card at boot up.
What avc messages are you seeing with 1.23.18-12? 17 has been released, is that any better?
All is fine enabling selinux but disabling enforcing mode. If i enable enforcing mode i obtain no error message except : no such file or directory as the system could not access the firmware file. After i can log and activate manually the device without any problem.
I still have the same problem with the new selinux-policy-targeted-1.25.1-9
Any avc messages in /var/log/messages? /var/log/audit/audit.log?
Here is the lines i found in /var/log/messages : Jul 17 17:46:56 bureau kernel: audit(1121615214.230:2): avc: denied { search } for pid=1782 comm="cp" name="selinux" dev=dm-0 ino=27656630 scontext=system_u:system_r:hotplug_t tcontext=system_u:object_r:selinux_config_t tclass=dir Jul 17 17:46:56 bureau kernel: audit(1121615214.237:3): avc: denied { sys_rawio } for pid=1782 comm="cp" capability=17 scontext=system_u:system_r:hotplug_t tcontext=system_u:system_r:hotplug_t tclass=capability Jul 17 17:46:56 bureau kernel: prism54: request_firmware() failed for 'isl3890' Jul 17 17:46:56 bureau kernel: eth0: could not upload firmware ('isl3890') Jul 17 17:46:56 bureau kernel: eth0: islpci_reset: failure Jul 17 17:46:56 bureau kernel: audit(1121615214.293:4): avc: denied { sys_tty_config } for pid=1779 comm="ip" capability=26 scontext=system_u:system_r:ifconfig_t tcontext=system_u:system_r:ifconfig_t tclass=capability
I still have the same problem with the new selinux-policy-targeted-1.25.2-4
The problem seems to be solved with selinux-policy-targeted-1.25.3-6.