Bug 176634 - hald causes avc denial messages once a second
Summary: hald causes avc denial messages once a second
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted   
(Show other bugs)
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-12-28 04:00 UTC by Dave Jones
Modified: 2015-01-04 22:23 UTC (History)
1 user (show)

Fixed In Version: 2.1.6-20
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-03-21 01:44:16 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Dave Jones 2005-12-28 04:00:28 UTC
Watching audit.log, I notice that when HAL probes my 5-in-1 card reader once a
second, it's logging denials..

type=AVC msg=audit(1135742565.419:42026): avc:  denied  { read } for  pid=4504
comm="hald-addon-stor" name="ubc" dev=tmpfs ino=13246
scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:device_t:s0
tclass=blk_file
type=SYSCALL msg=audit(1135742565.419:42026): arch=c000003e syscall=2 success=no
exit=-13 a0=7fffffc0ce38 a1=0 a2=0 a3=8 items=1 pid=4504 auid=4294967295 uid=0
gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hald-addon-stor"
exe="/usr/libexec/hald-addon-storage"
type=CWD msg=audit(1135742565.419:42026):  cwd="/"
type=PATH msg=audit(1135742565.419:42026): item=0 name="/dev/ubc" flags=101 
inode=13246 dev=00:10 mode=060640 ouid=0 ogid=6 rdev=b4:10
type=AVC msg=audit(1135742565.431:42027): avc:  denied  { read } for  pid=4498
comm="hald-addon-stor" name="uba" dev=tmpfs ino=13237
scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:device_t:s0
tclass=blk_file
type=SYSCALL msg=audit(1135742565.431:42027): arch=c000003e syscall=2 success=no
exit=-13 a0=7fffffb52e3a a1=0 a2=0 a3=8 items=1 pid=4498 auid=4294967295 uid=0
gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hald-addon-stor"
exe="/usr/libexec/hald-addon-storage"
type=CWD msg=audit(1135742565.431:42027):  cwd="/"
type=PATH msg=audit(1135742565.431:42027): item=0 name="/dev/uba" flags=101 
inode=13237 dev=00:10 mode=060640 ouid=0 ogid=6 rdev=b4:00
type=AVC msg=audit(1135742565.435:42028): avc:  denied  { read } for  pid=4527
comm="hald-addon-stor" name="ube" dev=tmpfs ino=13394
scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:device_t:s0
tclass=blk_file
type=SYSCALL msg=audit(1135742565.435:42028): arch=c000003e syscall=2 success=no
exit=-13 a0=7fffffe00e36 a1=0 a2=0 a3=8 items=1 pid=4527 auid=4294967295 uid=0
gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hald-addon-stor"
exe="/usr/libexec/hald-addon-storage"
type=CWD msg=audit(1135742565.435:42028):  cwd="/"
type=PATH msg=audit(1135742565.435:42028): item=0 name="/dev/ube" flags=101 
inode=13394 dev=00:10 mode=060640 ouid=0 ogid=6 rdev=b4:20
type=AVC msg=audit(1135742565.699:42029): avc:  denied  { read } for  pid=4502
comm="hald-addon-stor" name="ubb" dev=tmpfs ino=13244
scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:device_t:s0
tclass=blk_file
type=SYSCALL msg=audit(1135742565.699:42029): arch=c000003e syscall=2 success=no
exit=-13 a0=7fffff99ee38 a1=0 a2=0 a3=8 items=1 pid=4502 auid=4294967295 uid=0
gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hald-addon-stor"
exe="/usr/libexec/hald-addon-storage"
type=CWD msg=audit(1135742565.699:42029):  cwd="/"
type=PATH msg=audit(1135742565.699:42029): item=0 name="/dev/ubb" flags=101 
inode=13244 dev=00:10 mode=060640 ouid=0 ogid=6 rdev=b4:08

Comment 1 Daniel Walsh 2006-01-02 17:02:47 UTC
Fixed in selinux-policy-2.1.6-20


Note You need to log in before you can comment on or make changes to this bug.