Red Hat Bugzilla – Bug 245288
selinux requested bug submission
Last modified: 2008-06-16 21:41:15 EDT
Description of problem:
selinux alert - requested bug submission against /usr/lib/libSDL module
Version-Release number of selected component (if applicable):
unable to access hardware
Steps to Reproduce:
1. see bug report from selinux
Created attachment 157597 [details]
selinux alert message
This looks like a labeling problem.
restorecon -R -v /var/lib
Ran this command at request of selinux:
[root@localhost ~]# touch /.autorelabel; reboot
Is this equivalent to restorecon -R -v /var/lib?
Ran restorecon -R -v /var/lib as well, no change.
But is the file labeled correctly now?
ls -lZ /usr/lib/libSDL-1.2.so*
Should be labeled textrel_shlib_t
Yes, it is labeled correctly now. Sane still doesn't see my scanner though.
Don't have time right now to check other devices, will do that this afternoon.
This is the result:
[root@localhost ~]# ls -lZ /usr/lib/libSDL-1.2.so*
lrwxrwxrwx root root system_u:object_r:lib_t /usr/lib/libSDL-1.2.so.0
-rwxr-xr-x root root system_u:object_r:textrel_shlib_t
Ok so the question is whether SELinux is preventing this access or something
else. If you run in permissive mode, can sane see th scanner? Do you see any
other avc messages in /var/log/audit/audit.log
Created attachment 157644 [details]
While searching for answers to the permissions, I have discovered that /dev/usb
is assigned to root. What group is it supposed to be assigned to?
I think it is probably correct.
Try to use your scanner in permissive mode.
# setenforce 0
Plug the scanner in. Does it work now? If not, then it is probably not a
selinux policy problem.
# restorecon -R -v /root
Created attachment 157999 [details]
First error message
Created attachment 158000 [details]
Second error message
Did these happen in permissive mode.
They both happened in permissive mode. The same erro is generated in enforcing
mode as well. The second error is my fault, I unplugged the scanner usb cable
and plugged it back in but did not get it in all they way. Re-insertion and
running the command again generated the same error.
Ok in that case this is almost certainly not an SELinux error. Reassinging to hal.
Wayne, please try sane-backends-1.0.18-7.fc7 from updates-testing which has
workarounds for USB hardware problems and report back whether it makes a
difference to you.
Created attachment 158114 [details]
yum update output
Created attachment 158115 [details]
mail to root generated at end of yum update
The error message when opening the scanner-tool is the same after updating
What should I be doing about the kernel errors? I don't recall seeing mail
generated before and as the computer is only three days old, I'm rather surprised.
This message is a reminder that Fedora 7 is nearing the end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 7. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '7'.
Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 7's end of life.
Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 7 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug. If you are unable to change the version, please add a comment here and someone will do it for you.
Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. If possible, it is recommended that you try the newest available Fedora distribution to see if your bug still exists.
Please read the Release Notes for the newest Fedora distribution to make sure it will meet your needs:
The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Fedora 7 changed to end-of-life (EOL) status on June 13, 2008.
Fedora 7 is no longer maintained, which means that it will not
receive any further security or bug fix updates. As a result we
are closing this bug.
If you can reproduce this bug against a currently maintained version
of Fedora please feel free to reopen this bug against that version.
Thank you for reporting this bug and we are sorry it could not be fixed.