Bug 249397 - SELinux interaction with VMware
Summary: SELinux interaction with VMware
Keywords:
Status: CLOSED CANTFIX
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-07-24 13:01 UTC by Tony Camuso
Modified: 2007-10-29 20:06 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-10-29 20:06:31 UTC
Embargoed:


Attachments (Terms of Use)

Description Tony Camuso 2007-07-24 13:01:22 UTC
Description of problem:

Cannot mount hgfs disks or USB jump drives on Linux guest running on XP host in
VMware player. 

The following alerts were issued and the drives were not mounted. 

SELinux is preventing /sbin/ifconfig (ifconfig_t) "read" to
/var/run/vmware-active-nics (initrc_var_run_t).

SELinux denied access requested by /sbin/ifconfig. It is not expected that this
access is required by /sbin/ifconfig and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for /var/run/vmware-active-nics, restorecon -v
/var/run/vmware-active-nics If this does not work, there is currently no
automatic way to allow this access. Instead, you can generate a local policy
module to allow this access - see FAQ Or you can disable SELinux protection
altogether. Disabling SELinux protection is not recommended. Please file a bug
report against this package.


Version-Release number of selected component (if applicable):


How reproducible:
Every boot


Steps to Reproduce:
1. Boot fedora guest with 2.6.22.1-27.fc7 kernel on XP host. 
2.
3.
  
Actual results:

The above alerts. 

Expected results:

No alerts. 

Additional info:

Comment 1 Tony Camuso 2007-10-29 20:06:31 UTC
VMWARE has informed me that they do not support Fedora guests. 



Note You need to log in before you can comment on or make changes to this bug.