Bug 182632 - selinux-policy-2.2.20-1 prevents me from running vpnc
selinux-policy-2.2.20-1 prevents me from running vpnc
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Depends On:
Blocks: FC5Blocker
  Show dependency treegraph
Reported: 2006-02-23 14:26 EST by Nalin Dahyabhai
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-03-08 16:00:11 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Nalin Dahyabhai 2006-02-23 14:26:25 EST
Description of problem:
With the latest version of the SELinux policy installed, vpnc appears to hang
when I run it.  Under strace, I can tell that it attempted to prompt me for
information which wasn't in its configuration file, and is waiting for me to
respond, but the prompt didn't make it to the console (/dev/tty2).

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Install vpnc.
2. Log in on a text console as 'root'.
3. Run vpnc.
Actual results:
Nothing happens.  The command appears to hang.

Expected results:
vpnc should prompt me for the address of my VPN concentrator.

Additional info:
This appears to have broken somewhere between 2.2.12 and 2.2.17.  The avc
denials which are logged are all for this av:
type=AVC msg=audit(1140722662.992:753): avc:  denied  { use } for  pid=31422
comm="vpnc" name="tty2" dev=tmpfs ino=1199
tcontext=system_u:system_r:local_login_t:s0-s0:c0.c255 tclass=fd
Comment 1 Daniel Walsh 2006-02-23 14:46:10 EST
Fixed in Fedora/selinux-policy-2.2.21-2.noarch.rpm
Comment 2 Nalin Dahyabhai 2006-02-23 14:46:44 EST

Note You need to log in before you can comment on or make changes to this bug.