Bug 186406 - Gnome-bluetooth manager will not run under Enforcing SELinux settings.
Summary: Gnome-bluetooth manager will not run under Enforcing SELinux settings.
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: 5
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-03-23 13:07 UTC by Scott
Modified: 2007-11-30 22:11 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-05-05 15:03:45 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
grep of "blue" against /var/messages/log (9.30 KB, text/plain)
2006-03-23 13:07 UTC, Scott 		no flags Details
View All

Description Scott 2006-03-23 13:07:17 UTC 
Description of problem: Gnome-bluetooth manager will not run under Enforcing
SELinux settings.

Version-Release number of selected component (if applicable):
gnome-bluetooth-0.7.0-2

How reproducible:
every time

Steps to Reproduce:
1. Try to start Gnome-bluetooth manager from Gnome menu or CLI

Actual results:
Nothing appears to happen

Expected results:
Bluetooth manager to start up

Additional info:
If you change to permissive SELinux settings it appears to work fine.  This was
on a freshly installed system with updates applied.  No customisations made yet.
Comment 1 Scott 2006-03-23 13:07:17 UTC 
Created attachment 126540 [details]
grep of "blue" against /var/messages/log
Comment 2 Rahul Sundaram 2006-03-23 13:28:46 UTC 

SELinux bugs should be assigned to SELinux components regardless of the actual
package since the policy is managed centrally. Reassigning.
Comment 3 Andy Burns 2006-04-02 11:46:58 UTC 
Essentially a "me too" running FC5 with all released updates (not testing on
this box) with selinux enforcing 

Same errors as reported above from hcid/bluez-pin/sdpd/rfcomm
Comment 4 Daniel Walsh 2006-04-03 15:57:05 UTC 
Fixed in selinux-policy-2.2.29-2.fc5
Comment 5 Jeroen Benckhuijsen 2006-04-22 13:49:48 UTC 
Using bluetooth with selinux-policy-2.2.29-3.fc5 does not work with selinux set
to enforce. The following message is shown in /var/log/messages:

Apr 22 10:33:41 f10197 hcid[2069]: Can't get system message bus name: Connection
":1.0" is not allowed to own the service "org.bluez" due to SELinux policy
Apr 22 10:33:41 f10197 sdpd[2072]: Bluetooth SDP daemon
Apr 22 10:33:41 f10197 hcid[2069]: Unable to get on D-BUS

Using setenforce to change se-linux to permisseve allows bluetooth to work.

Is this bug perhaps connected to bug # 182094?
Comment 6 Daniel Walsh 2006-04-25 02:45:17 UTC 
Are you seeing any AVC MEssages?
Comment 7 Jeroen Benckhuijsen 2006-04-25 18:54:32 UTC 
I've scanned /var/log/messages for some messages. Near the messages mentioned
above no SELinux messages are present. There is however a message, which might
be of interest??

Apr 23 17:13:06 i243061 kernel: audit(1145805186.643:30): user pid=2062 uid=81
auid=4294967295 msg='avc:  denied  { acquire_svc } for service=org.bluez
spid=3726 scontext=system_u:system_r:bluetooth_t
tcontext=system_u:system_r:system_dbusd_t tclass=dbus
Comment 8 Daniel Walsh 2006-04-26 13:10:26 UTC 
Try selinux-policy-2.2.34-3.fc5
Comment 10 Daniel Walsh 2006-05-05 15:03:45 UTC 
Closing as these have been marked as modified, for a while.  Feel free to reopen
if not fixed
Note You need to log in before you can comment on or make changes to this bug.