229195 – killall5 (hald_t) generates audit messages during laptop suspend

Bug 229195 - killall5 (hald_t) generates audit messages during laptop suspend

Summary: killall5 (hald_t) generates audit messages during laptop suspend

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	6
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Daniel Walsh
QA Contact:	Ben Levenson
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2007-02-19 14:15 UTC by Paul W. Frields
Modified:	2007-11-30 22:11 UTC (History)
CC List:	1 user (show)
Fixed In Version:	Current
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-09-12 17:08:17 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
Audit log showing AVC messages on suspend/resume (164.67 KB, text/plain) 2007-02-19 14:15 UTC, Paul W. Frields	no flags	Details
View All

Description Paul W. Frields 2007-02-19 14:15:59 UTC

Description of problem:
After suspend/resume on my ThinkPad T60p, the sealert tray icon is active and
the setroubleshoot browser presents a fairly sizable number of messages relating
to /sbin/killall5 being unable to access (kill, I assume) processes during the
suspend procedure.  The particular function calls seem to mostly ptrace and
sys_ptrace.  I'm using enforcing mode, and the system doesn't seem to be
adversely affected AFAICT.

Version-Release number of selected component (if applicable):
2.4.6-37.fc6

How reproducible:
Every time.

Steps to Reproduce:
1.  Close lid of laptop to initiate suspend.
2.  Wait, then open and resume.
3.  Observe sealert icon and read setroubleshoot browser.
  
Actual results:
Audit log (attached).

Expected results:
Fewer or no such messages?

Additional info:
I stripped out messages generated by my use of ipw3945, which can be safely
ignored if there are any I missed.

Comment 1 Paul W. Frields 2007-02-19 14:15:59 UTC

Created attachment 148320 [details]
Audit log showing AVC messages on suspend/resume

Comment 2 Daniel Walsh 2007-03-20 15:41:17 UTC

Should be fixed in selinux-policy-2.4.6-42.fc6

Comment 3 Daniel Walsh 2007-09-12 17:08:17 UTC

Moving modified bugs to closed

Note You need to log in before you can comment on or make changes to this bug.