Bug 202825 - avc complaint on hpiod startup
avc complaint on hpiod startup
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-08-16 12:46 EDT by Brian Brock
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-08-22 10:13:39 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Brian Brock 2006-08-16 12:46:30 EDT
error message generated from selinux when starting hplip in a xen guest

rawhide-20060816
hplip-1.6.6a-3.1
libselinux-1.30.19-5
libselinux-python-1.30.19-5
selinux-policy-2.3.3-18
selinux-policy-targeted-2.3.3-18
kernel 2.6.17-1.2517.fc6xen

start a xen guest, with hplip installed
run `service hplip start`
check dmesg, the following message has appeared:

audit(1155747153.978:5): avc:  denied  { read } for  pid=1682 comm="hpiod"
name="/" dev=usbfs ino=865 scontext=root:system_r:hplip_t:s0
tcontext=system_u:object_r:usbfs_t:s0 tclass=dir

I've only reproduced this in a xen guest, so far.  It doesn't seem to matter
with the dom0 has hplip installed and running.
Comment 1 Brian Brock 2006-08-16 12:48:20 EDT
the error is visible in the guest's dmesg; the dom0 never has an avc: denied
message.
Comment 2 Daniel Walsh 2006-09-18 15:10:34 EDT
Fixed in selinux-policy-2.3.14-3
Comment 3 Daniel Walsh 2007-08-22 10:13:39 EDT
Should be fixed in the current release

Note You need to log in before you can comment on or make changes to this bug.