Bug 170064 - NetworkManagerInfo cannot talk to dbus
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: selinux-policy-targeted
Version: 4.0
Hardware: i386 Linux
Priority: medium
Severity: medium
Assigned To: Daniel Walsh
Keywords: Regression
Duplicates: 170854
Blocks: 168429
Reported: 2005-10-06 18:16 EDT by wilksen
Modified: 2007-11-30 17:07 EST (History)
Fixed In Version: RHBA-2006-0049
Doc Type: Bug Fix
Last Closed: 2006-03-07 13:12:04 EST
Description wilksen 2005-10-06 18:16:35 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050921 Red Hat/1.0.7-1.4.1 Firefox/1.0.7

Description of problem:
After updating RHEL4 to U2 NetworkManagerInfo cannot start up anymore and
prevents establishing a network connection. NetworkManager is running
successfully. 

/var/log/messages shows when starting NetworkManagerInfo as normal user:

Oct  6 17:49:21 localhost NetworkManagerInfo: NetworkManagerInfo could not get the system bus.  Make sure the message bus daemon is running?
Oct  6 17:49:22 localhost dbus: Can't send to audit system: USER_AVC pid=2465 uid=81 loginuid=-1 message=avc:  denied  { send_msg } for  scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t tclass=dbus

Of course, dbus is running:
dbus      2465     1  0 17:48 ?        00:00:00 dbus-daemon-1 --system

Also nscd has issues after starting NetworkManager as seen in
/var/log/audit/audit.log

type=AVC msg=audit(1128635668.602:41): avc:  denied  { create } for  pid=3481 comm="nscd" scontext=root:system_r:nscd_t tcontext=root:system_r:nscd_t tclass=netlink_audit_socket
type=SYSCALL msg=audit(1128635668.602:41): arch=40000003 syscall=102 success=no exit=-13 a0=1 a1=bfe1b070 a2=9bf2d0 a3=8d60a50 items=0 pid=3481 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="nscd" exe="/usr/sbin/nscd"


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.17.30-2.110 dbus-0.22-12.EL.5

How reproducible:
Always

Steps to Reproduce:
1. Update RHEL4 to U2
2. Reboot (relabel doesn't help either)
3. Start NetworkManager and then NetworkManagerInfo

Actual Results:  NetworkManagerInfo never starts successfully probably because it can't talk
to the system bus hence no net connection can be established.

Expected Results:  NetworkManagerInfo should come up fine and be able to talk to the system bus.

Additional info:
Comment 1 wilksen 2005-10-06 18:19:43 EDT
Setting SELinux to permissive mode works fine so I guess it is a policy 
issue?
Comment 2 Daniel Walsh 2005-10-07 15:06:40 EDT
Please try the policy in 

ftp://people.redhat.com/dwalsh/SELinux/RHEL4/u3

Should be fixed in selinux-policy-targeted-1.17.30-2.113
Comment 3 wilksen 2005-10-07 19:26:20 EDT
That updated policy fixes the NetworkManager issue. Thanks, Dan.
NetworkManager/NetworkManagerInfo now work fine after installing  
selinux-policy-targeted-1.17.30-2.113. No error messages seen anymore in 
/var/log/messages. 

BTW an empty /etc/resolv.conf has correct entries after rebooting or restarting
NetworkManager (and hence nscd) but /var/log/audit/audit.log still shows:

type=AVC msg=audit(1128641390.740:33): avc:  denied  { read } for  pid=3268 comm="nscd" name="resolv.conf" dev=dm-0 ino=672619 scontext=root:system_r:nscd_t tcontext=root:object_r:etc_runtime_t tclass=file
type=SYSCALL msg=audit(1128641390.740:33): arch=40000003 syscall=5 success=no exit=-13 a0=acfc2c a1=0 a2=1b6 a3=acfc2c items=1 pid=3268 auid=4294967295 uid=28 gid=28 euid=28 suid=28 fsuid=28 egid=28 sgid=28 fsgid=28 comm="nscd" exe="/usr/sbin/nscd"
type=CWD msg=audit(1128641390.740:33):  cwd="/"
type=PATH msg=audit(1128641390.740:33): name="/etc/resolv.conf" flags=101 inode=672619 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00


Comment 4 Daniel Walsh 2005-10-11 13:14:18 EDT
This means that somehow the /etc/resolv.conf got created incorrectly.

restorecon /etc/resolv.conf

will change the context to net_conf_t, which is what it should be.  Any idea how
this file got created?
Comment 5 wilksen 2005-10-11 21:35:18 EDT
Yeah, I tried restorecon /etc/resolv.conf before. Again, I just
stopped NetworkManager (and nscd), removed /etc/resolv.conf
and restarted NetworkManager. In /var/log/audit/audit.log it still appears
what is pasted below. Using strace says that NetworkManager creates
/etc/resolv.conf - as expected I assume. It eventually works though.

type=AVC msg=audit(1128990758.811:19): avc:  denied  { read } for  pid=3160 comm="nscd" name="resolv.conf" dev=dm-0 ino=672076 scontext=root:system_r:nscd_t tcontext=root:object_r:etc_runtime_t tclass=file
type=SYSCALL msg=audit(1128990758.811:19): arch=40000003 syscall=5 success=yes exit=15 a0=a14c2c a1=0 a2=1b6 a3=a14c2c items=1 pid=3160 auid=4294967295 uid=28 gid=28 euid=28 suid=28 fsuid=28 egid=28 sgid=28 fsgid=28 comm="nscd" exe="/usr/sbin/nscd"
type=CWD msg=audit(1128990758.811:19):  cwd="/"
type=PATH msg=audit(1128990758.811:19): name="/etc/resolv.conf" flags=101 inode=672076 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1128990758.812:20): avc:  denied  { getattr } for  pid=3160 comm="nscd" name="resolv.conf" dev=dm-0 ino=672076 scontext=root:system_r:nscd_t tcontext=root:object_r:etc_runtime_t tclass=file
type=SYSCALL msg=audit(1128990758.812:20): arch=40000003 syscall=197 success=yes exit=0 a0=f a1=b734bb2c a2=a1eff4 a3=9ac8cd0 items=0 pid=3160 auid=4294967295 uid=28 gid=28 euid=28 suid=28 fsuid=28 egid=28 sgid=28 fsgid=28 comm="nscd" exe="/usr/sbin/nscd"
type=AVC_PATH msg=audit(1128990758.812:20):  path="/etc/resolv.conf"
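
Added example, not part of the original bug thread: Python code that parses the denial records quoted in this report (the USER_AVC line from /var/log/messages and the AVC/SYSCALL pairs from audit.log), groups them by source type, target type and object class, and uses the shared audit event id to note which denied permissions coincided with a failed syscall. The function names and the trimmed sample records are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: records from this report, wrapped lines rejoined, SYSCALL fields trimmed.
SAMPLE = """\
Oct  6 17:49:22 localhost dbus: Can't send to audit system: USER_AVC pid=2465 uid=81 loginuid=-1 message=avc:  denied  { send_msg } for  scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t tclass=dbus
type=AVC msg=audit(1128641390.740:33): avc:  denied  { read } for  pid=3268 comm="nscd" name="resolv.conf" dev=dm-0 ino=672619 scontext=root:system_r:nscd_t tcontext=root:object_r:etc_runtime_t tclass=file
type=SYSCALL msg=audit(1128641390.740:33): arch=40000003 syscall=5 success=no exit=-13 comm="nscd" exe="/usr/sbin/nscd"
type=AVC msg=audit(1128990758.811:19): avc:  denied  { read } for  pid=3160 comm="nscd" name="resolv.conf" dev=dm-0 ino=672076 scontext=root:system_r:nscd_t tcontext=root:object_r:etc_runtime_t tclass=file
type=SYSCALL msg=audit(1128990758.811:19): arch=40000003 syscall=5 success=yes exit=15 comm="nscd" exe="/usr/sbin/nscd"
type=AVC msg=audit(1128990758.812:20): avc:  denied  { getattr } for  pid=3160 comm="nscd" name="resolv.conf" dev=dm-0 ino=672076 scontext=root:system_r:nscd_t tcontext=root:object_r:etc_runtime_t tclass=file
"""

AVC = re.compile(r"avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)")
EVENT = re.compile(r"msg=audit\((\d+\.\d+:\d+)\)")  # timestamp:serial shared by one event
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def fields(text):
    # key=value pairs, with surrounding double quotes stripped from values
    return {k: v.strip('"') for k, v in FIELD.findall(text)}

def parse(log):
    """Return (denials, outcomes); outcomes maps audit event id -> SYSCALL success value."""
    denials, outcomes = [], {}
    for line in log.splitlines():
        ev = EVENT.search(line)
        event = ev.group(1) if ev else None  # USER_AVC lines in syslog carry no event id
        m = AVC.search(line)
        if m:
            f = fields(m.group(2))
            denials.append({"event": event, "perms": m.group(1).split(),
                            "source": f["scontext"].split(":")[2],  # user:role:type
                            "target": f["tcontext"].split(":")[2],
                            "tclass": f["tclass"]})
        elif event and "type=SYSCALL" in line:
            outcomes[event] = fields(line).get("success")
    return denials, outcomes

def summarize(log):
    """Group denials by (source type, target type, class); 'blocked' = paired SYSCALL failed."""
    denials, outcomes = parse(log)
    summary = defaultdict(lambda: {"perms": set(), "blocked": set()})
    for d in denials:
        entry = summary[(d["source"], d["target"], d["tclass"])]
        entry["perms"].update(d["perms"])
        if outcomes.get(d["event"]) == "no":
            entry["blocked"].update(d["perms"])
    return dict(summary)
```

Calling `summarize(SAMPLE)` returns one entry per (source type, target type, class) triple; a permission that appears under `perms` but not under `blocked` was logged without a failing SYSCALL record in the sample.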
Comment 6 Daniel Walsh 2005-10-12 14:11:34 EDT
Ok, updated policy to allow this.  1.17.30-2.114
Comment 7 wilksen 2005-10-12 15:22:10 EDT
Thanks, looks fine here now. 
Comment 8 Daniel Walsh 2005-10-15 13:00:09 EDT
*** Bug 169999 has been marked as a duplicate of this bug. ***
Comment 9 Daniel Walsh 2005-10-17 16:22:16 EDT
*** Bug 170854 has been marked as a duplicate of this bug. ***
Comment 12 Peter Bieringer 2006-01-12 06:33:32 EST
Here too, updated to this version now, because nscd suddenly began crashing
again (probably the reason: restart of postfix-2.2.8 using LDAP).
Comment 15 Red Hat Bugzilla 2006-03-07 13:12:04 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2006-0049.html
