Bug 166028 - selinux prevents /etc/init.d/bluetooth initialising uart with hciattach
selinux prevents /etc/init.d/bluetooth initialising uart with hciattach
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
4
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-08-15 19:34 EDT by Kevin R. Page
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: 1.25.4-10
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-08-30 02:08:25 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Kevin R. Page 2005-08-15 19:34:35 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.7.10) Gecko/20050720 Fedora/1.0.6-1.1.fc4 Firefox/1.0.6

Description of problem:
Adding the tty and type of a serial bluetooth device to /etc/bluetooth/uart should enable /etc/init.d/bluetooth to start this device (using /usr/sbin/hciattach).

e.g. add "ttyS2 socket" to /etc/bluetooth/uart

With selinux-policy-targeted enforcing, this is not successful.

When permissive, audit.log shows:
type=AVC msg=audit(1124148334.047:16760662): avc:  denied  { ioctl } for  pid=5796 comm="hciattach" name="ttyS2" dev=tmpfs ino=6125 scontext=root:system_r:bluetooth_t tcontext=system_u:object_r:tty_device_t tclass=chr_file
type=SYSCALL msg=audit(1124148334.047:16760662): arch=40000003 syscall=54 success=yes exit=0 a0=3 a1=540b a2=2 a3=3 items=0 pid=5796 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hciattach" exe="/usr/sbin/hciattach"
type=AVC_PATH msg=audit(1124148334.047:16760662):  path="/dev/ttyS2"


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.25.3-12

How reproducible:
Always

Steps to Reproduce:
1. Set selinux targeted policy to enforcing
2. Start bluetooth service with serial device defined in /etc/bluetooth/uart
3. Bluetooth device is not initialised
  

Additional info:
Comment 1 Daniel Walsh 2005-08-25 15:17:22 EDT
Fixed in selinux-policy-targeted-1.25.4-10
Comment 2 Walter Justen 2005-08-30 02:08:25 EDT
Thanks for the bug report. This particular bug was fixed and a update package
was published for download. Please feel free to report any further bugs you find.

Note You need to log in before you can comment on or make changes to this bug.