This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 243453 - audio-entropyd AVC denials
audio-entropyd AVC denials
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: audio-entropyd (Show other bugs)
7
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Tom "spot" Callaway
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-06-08 15:33 EDT by Jerry James
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-07-10 12:17:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Jerry James 2007-06-08 15:33:28 EDT
Description of problem:
On my next reboot after installing audio-entropyd onto a fresh F7 install, I got
the following AVC denials (with SELinux in permissive mode):

avc: denied { read, write } for comm="audio-entropyd" dev=tmpfs egid=0 euid=0
exe="/usr/sbin/audio-entropyd" exit=4 fsgid=0 fsuid=0 gid=0 items=0
name="random" pid=2592 scontext=system_u:system_r:entropyd_t:s0 sgid=0
subj=system_u:system_r:entropyd_t:s0 suid=0 tclass=chr_file
tcontext=system_u:object_r:random_device_t:s0 tty=(none) uid=0 

avc: denied { ioctl } for comm="audio-entropyd" dev=tmpfs egid=0 euid=0
exe="/usr/sbin/audio-entropyd" exit=0 fsgid=0 fsuid=0 gid=0 items=0
name="random" path="/dev/random" pid=2592
scontext=system_u:system_r:entropyd_t:s0 sgid=0
subj=system_u:system_r:entropyd_t:s0 suid=0 tclass=chr_file
tcontext=system_u:object_r:random_device_t:s0 tty=(none) uid=0 

avc: denied { dac_override } for comm="audio-entropyd" egid=0 euid=0
exe="/usr/sbin/audio-entropyd" exit=5 fsgid=0 fsuid=0 gid=0 items=0 pid=2592
scontext=system_u:system_r:entropyd_t:s0 sgid=0
subj=system_u:system_r:entropyd_t:s0 suid=0 tclass=capability
tcontext=system_u:system_r:entropyd_t:s0 tty=(none) uid=0 

Version-Release number of selected component (if applicable):
audio-entropyd-1.0.0-2.fc7

How reproducible:
Don't know.

Steps to Reproduce:
1. Install audio-entropyd
2. Reboot

Actual results:
The AVC denials described above are issued.

Expected results:
No AVC denials.

Additional info:
Comment 1 Tom "spot" Callaway 2007-07-10 12:17:56 EDT
The selinux-policy-2.6.4-25.fc7 package has an audioentropy module that seems to
work for me in resolving these AVC denials.

Please reopen if it doesn't resolve them.

Note You need to log in before you can comment on or make changes to this bug.