Bug 239403 - selinux interecepts hald
selinux interecepts hald
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2007-05-08 03:54 EDT by Adam Tkac
Modified: 2013-04-30 19:35 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-05-14 14:35:44 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Adam Tkac 2007-05-08 03:54:46 EDT
Description of problem:
selinux interecepts my haldaemon so I can't start it (HAL)

Version-Release number of selected component (if applicable):
rpm -q selinux-policy

How reproducible:

Steps to Reproduce:
1. service haldaemon start

Actual results:
nasty messages in /var/log/audit/audit.log

Expected results:
no intereception

Additional info:
messages are like this:
type=AVC msg=audit(1178610564.321:25): avc:  denied  { write } for  pid=3243
comm="hald-generate-f" name="hald" dev=dm-0 ino=131674
scontext=user_u:system_r:hald_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir
type=SYSCALL msg=audit(1178610564.321:25): arch=c000003e syscall=2 success=no
exit=-13 a0=7ffffdbb47b0 a1=242 a2=1a4 a3=7ffffdbb45b6 items=0 ppid=3242
pid=3243 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="hald-generate-f" exe="/usr/libexec/hald-generate-fdi-cache"
subj=user_u:system_r:hald_t:s0 key=(null)
type=AVC msg=audit(1178610564.329:26): avc:  denied  { read } for  pid=3241
comm="hald" name="fdi-cache" dev=dm-0 ino=131842
scontext=user_u:system_r:hald_t:s0 tcontext=user_u:object_r:var_t:s0 tclass=file
type=SYSCALL msg=audit(1178610564.329:26): arch=c000003e syscall=2 success=no
exit=-13 a0=43b0ef a1=0 a2=12 a3=3 items=0 ppid=3240 pid=3241 auid=4294967295
uid=68 gid=68 euid=68 suid=68 fsuid=68 egid=68 sgid=68 fsgid=68 tty=(none)
comm="hald" exe="/usr/sbin/hald" subj=user_u:system_r:hald_t:s0 key=(null)
Comment 1 Daniel Walsh 2007-05-14 14:35:44 EDT
This looks like a labeling problem on /var/cache/hald.

restorecon -R -v /var/cache/hald 

should clean it up.

Not sure how it got mislabeled.

Note You need to log in before you can comment on or make changes to this bug.