Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 171789 - acpid can't send dbus signals
acpid can't send dbus signals
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
4
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-10-26 10:27 EDT by Matthew Saltzman
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-05-05 11:03:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Matthew Saltzman 2005-10-26 10:27:19 EDT 
Description of problem:
Recent versions of NetworkManager use dbus signals to control actions related to
suspend/resume (among others).

The suspend script runs without error when executed from the command line, but
produces these errors when invoked by pressing the suspend key.

On suspend, /var/log/debug reports:

    Oct 22 12:59:14 vincent52 dbus: Can't send to audit system: USER_AVC
    pid=2180 uid=81 loginuid=-1 message=avc:  denied  { send_msg } for
    msgtype=method_call interface=org.freedesktop.NetworkManager
    member=sleep dest=org.freedesktop.NetworkManager spid=31524 tpid=2239
    scontext=system_u:system_r:apmd_t
    tcontext=system_u:system_r:NetworkManager_t tclass=dbus

On resume, /var/log/debug reports:

    Oct 22 12:59:39 vincent52 dbus: Can't send to audit system: USER_AVC
    pid=2180 uid=81 loginuid=-1 message=avc:  denied  { send_msg } for
    msgtype=method_call interface=org.freedesktop.NetworkManager
    member=wake dest=org.freedesktop.NetworkManager spid=31542 tpid=2239
    scontext=system_u:system_r:apmd_t
    tcontext=system_u:system_r:NetworkManager_t tclass=dbus

No messages appear in /var/log/audit/audit.log.


The relevant section of the suspend script is:

    /usr/bin/dbus-send --system --dest=org.freedesktop.NetworkManager \
    --type=method_call /org/freedesktop/NetworkManager \
    org.freedesktop.NetworkManager.sleep

    sync
    echo -n "mem" > /sys/power/state

    /usr/bin/dbus-send --system --dest=org.freedesktop.NetworkManager \
    --type=method_call /org/freedesktop/NetworkManager \
    org.freedesktop.NetworkManager.wake


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.27.1-2.7

How reproducible:
Always

Steps to Reproduce:
1. Run NetworkManager
2. Suspend via acpid (close lid or press sleep button)
3. Resume
  
Actual results:
As described above.  NM is confused if suspended and resumed in different
locations, attempts to connect to old WAP, which is no longer accessible. 

Expected results:
No errors.  NM takes actions specified for suspend/resume.  In particular, drops
memory of scanned netowrks on suspend and initiates fresh scan on resume.

Additional info:
Comment 1 Matthew Saltzman 2005-11-10 11:17:59 EST 
This seems to be working now as of selinux-policy-targeted-1.27.1-2.11.
Comment 2 Matthew Saltzman 2005-11-10 21:11:01 EST 
No, I was wrong.  I am seeing these messages with kernel-2.6.14-1.1637_FC4.
Comment 3 Daniel Walsh 2005-11-30 15:28:16 EST 
Looks like the fix is in selinux-policy-targeted-1.27.1-2.14, unless you are
seeing other AVC messages?
Comment 4 Matthew Saltzman 2005-12-02 16:18:45 EST 
Well, now that you mention it, I still have this in audit.log:

type=AVC msg=audit(1133557214.518:354): avc:  denied  { execute } for  pid=28915
comm="ifdown" name="functions" dev=dm-0 ino=16571
scontext=system_u:system_r:NetworkManager_t tcontext=system_u:object_r:etc_t
tclass=file

NetworkManager suspend/resume does seem to function, however.
Comment 5 Matthew Saltzman 2005-12-04 12:11:27 EST 
Not that it's unexpected, but I'm still seeing this with
selinux-policy-targeted-1.27.1-2.16.
Comment 7 Daniel Walsh 2006-05-05 11:03:20 EDT 
Closing as these have been marked as modified, for a while.  Feel free to reopen
if not fixed
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.