Bug 229195 - killall5 (hald_t) generates audit messages during laptop suspend
killall5 (hald_t) generates audit messages during laptop suspend
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2007-02-19 09:15 EST by Paul W. Frields
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-09-12 13:08:17 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Audit log showing AVC messages on suspend/resume (164.67 KB, text/plain)
2007-02-19 09:15 EST, Paul W. Frields
no flags Details

  None (edit)
Description Paul W. Frields 2007-02-19 09:15:59 EST
Description of problem:
After suspend/resume on my ThinkPad T60p, the sealert tray icon is active and
the setroubleshoot browser presents a fairly sizable number of messages relating
to /sbin/killall5 being unable to access (kill, I assume) processes during the
suspend procedure.  The particular function calls seem to mostly ptrace and
sys_ptrace.  I'm using enforcing mode, and the system doesn't seem to be
adversely affected AFAICT.

Version-Release number of selected component (if applicable):

How reproducible:
Every time.

Steps to Reproduce:
1.  Close lid of laptop to initiate suspend.
2.  Wait, then open and resume.
3.  Observe sealert icon and read setroubleshoot browser.
Actual results:
Audit log (attached).

Expected results:
Fewer or no such messages?

Additional info:
I stripped out messages generated by my use of ipw3945, which can be safely
ignored if there are any I missed.
Comment 1 Paul W. Frields 2007-02-19 09:15:59 EST
Created attachment 148320 [details]
Audit log showing AVC messages on suspend/resume
Comment 2 Daniel Walsh 2007-03-20 11:41:17 EDT
Should be fixed in selinux-policy-2.4.6-42.fc6
Comment 3 Daniel Walsh 2007-09-12 13:08:17 EDT
Moving modified bugs to closed

Note You need to log in before you can comment on or make changes to this bug.