Bug 166028 - selinux prevents /etc/init.d/bluetooth initialising uart with hciattach
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: 4
Hardware: i386
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2005-08-15 23:34 UTC by Kevin R. Page
Modified: 2007-11-30 22:11 UTC

Fixed In Version: 1.25.4-10
Clone Of:
Environment:
Last Closed: 2005-08-30 06:08:25 UTC
Type: ---
Embargoed:



Description Kevin R. Page 2005-08-15 23:34:35 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.7.10) Gecko/20050720 Fedora/1.0.6-1.1.fc4 Firefox/1.0.6

Description of problem:
Adding the tty and type of a serial bluetooth device to /etc/bluetooth/uart should enable /etc/init.d/bluetooth to start this device (using /usr/sbin/hciattach).

e.g. add "ttyS2 socket" to /etc/bluetooth/uart

With selinux-policy-targeted enforcing, this is not successful.

When permissive, audit.log shows:
type=AVC msg=audit(1124148334.047:16760662): avc:  denied  { ioctl } for  pid=5796 comm="hciattach" name="ttyS2" dev=tmpfs ino=6125 scontext=root:system_r:bluetooth_t tcontext=system_u:object_r:tty_device_t tclass=chr_file
type=SYSCALL msg=audit(1124148334.047:16760662): arch=40000003 syscall=54 success=yes exit=0 a0=3 a1=540b a2=2 a3=3 items=0 pid=5796 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hciattach" exe="/usr/sbin/hciattach"
type=AVC_PATH msg=audit(1124148334.047:16760662):  path="/dev/ttyS2"


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.25.3-12

How reproducible:
Always

Steps to Reproduce:
1. Set selinux targeted policy to enforcing
2. Start bluetooth service with serial device defined in /etc/bluetooth/uart
3. Bluetooth device is not initialised
  

Additional info:

Comment 1 Daniel Walsh 2005-08-25 19:17:22 UTC
Fixed in selinux-policy-targeted-1.25.4-10

Comment 2 Walter Justen 2005-08-30 06:08:25 UTC
Thanks for the bug report. This particular bug was fixed and an update package
was published for download. Please feel free to report any further bugs you find.
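
Added example (not part of the original report or of the selinux-policy package): a Python sketch that joins the three audit records from the description by their event serial, decodes the syscall, and renders the denial as the type-enforcement rule it corresponds to, much as audit2allow would. The function names and the two lookup tables are assumptions that cover only the values in this report, and the printed rule is not necessarily the change shipped in 1.25.4-10, which the page does not show.

```python
import re

# The three audit records quoted in the description, embedded as sample input.
SAMPLE = '''\
type=AVC msg=audit(1124148334.047:16760662): avc:  denied  { ioctl } for  pid=5796 comm="hciattach" name="ttyS2" dev=tmpfs ino=6125 scontext=root:system_r:bluetooth_t tcontext=system_u:object_r:tty_device_t tclass=chr_file
type=SYSCALL msg=audit(1124148334.047:16760662): arch=40000003 syscall=54 success=yes exit=0 a0=3 a1=540b a2=2 a3=3 items=0 pid=5796 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hciattach" exe="/usr/sbin/hciattach"
type=AVC_PATH msg=audit(1124148334.047:16760662):  path="/dev/ttyS2"
'''
HEAD = re.compile(r'type=(\w+) msg=audit\(\d+\.\d+:(\d+)\):\s*(.*)')
KV = re.compile(r'(\w+)=("[^"]*"|\S+)')
# Lookup tables cover only the values in this report (i386 ABI, arch=40000003).
I386_SYSCALLS = {54: "ioctl"}
TTY_IOCTLS = {0x540B: "TCFLSH"}  # a1 is printed in hex by auditd

def correlate(text):
    """Group records sharing an audit event serial: {serial: {type: fields}}."""
    events = {}
    for line in text.splitlines():
        m = HEAD.match(line.strip())
        if not m:
            continue
        rtype, serial, body = m.groups()
        fields = {k: v.strip('"') for k, v in KV.findall(body)}
        if rtype == "AVC":
            fields["perms"] = re.search(r'\{([^}]*)\}', body).group(1).split()
        events.setdefault(serial, {})[rtype] = fields
    return events

def to_allow_rule(avc):
    """Render the denial as the type-enforcement rule it corresponds to."""
    src = avc["scontext"].split(":")[2]   # user:role:type -> type
    tgt = avc["tcontext"].split(":")[2]
    perms = avc["perms"]
    p = perms[0] if len(perms) == 1 else "{ " + " ".join(perms) + " }"
    return f"allow {src} {tgt}:{avc['tclass']} {p};"

def describe(event):
    """One-line summary joining the AVC, SYSCALL and AVC_PATH records."""
    avc, sc = event["AVC"], event.get("SYSCALL", {})
    path = event.get("AVC_PATH", {}).get("path", avc.get("name"))
    i386 = sc.get("arch") == "40000003"
    call = I386_SYSCALLS.get(int(sc.get("syscall", -1)), "?") if i386 else "?"
    req = TTY_IOCTLS.get(int(sc.get("a1", "0"), 16), "?")
    return f"{avc['comm']} {call}({req}) on {path}: success={sc.get('success')}"

if __name__ == "__main__":
    for serial, ev in correlate(SAMPLE).items():
        print(serial, describe(ev))
        print(to_allow_rule(ev["AVC"]))
```

The SYSCALL record shows success=yes because the system was permissive when the records were captured: the denial is logged but the ioctl is still allowed to complete.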

