Bug 242015 - selinux policy prevents wpa_supplicant / NetworkManager to write to wireless network device
selinux policy prevents wpa_supplicant / NetworkManager to write to wireless ...
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
7
i386 Linux
low Severity high
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-06-01 05:51 EDT by Dennis Ortsen
Modified: 2007-11-30 17:12 EST (History)
1 user (show)

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-08-22 10:08:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
detailed explaination from the setroubleshoot browser (5.43 KB, text/plain)
2007-06-01 05:51 EDT, Dennis Ortsen
no flags Details

  None (edit)
Description Dennis Ortsen 2007-06-01 05:51:41 EDT
Description of problem:
after having setup wpa_supplicant and NetworkManager to connect to a wireless
network wpa_supplicant needs to write to the network device. This is denied by
the SE-linux policy....

Version-Release number of selected component (if applicable):
selinux-policy-2.6.4-8.fc7

How reproducible:
use NetworkManager together with wpa_supplicant to connect to a wireless network.

Steps to Reproduce:
1.
2.
3.
  
Actual results:
the selinux troubleshoot browser pops up with the message saying:

SELinux is preventing /usr/sbin/NetworkManager (NetworkManager_t) "unlink" to
eth1 (var_run_t).

and:

SELinux is preventing /usr/sbin/wpa_supplicant (NetworkManager_t) "write" to
eth1 (var_run_t).

Expected results:
Since the F7 goal was to install F7 on any laptop, wireless should work out of
the box. It seems that this goal has been achieved, except the selinux policy is
messing things up....

Additional info:
in the attachment the details are saved from teh setroubleshoot browser
Comment 1 Dennis Ortsen 2007-06-01 05:51:41 EDT
Created attachment 155866 [details]
detailed explaination from the setroubleshoot browser
Comment 2 Daniel Walsh 2007-06-04 15:29:11 EDT
Fixed in selinux-policy-2.6.4-13.fc7
Comment 3 Daniel Walsh 2007-08-22 10:08:20 EDT
Closing as fixes are in the current release

Note You need to log in before you can comment on or make changes to this bug.