Bug 292881 - SELinux is preventing /sbin/ifconfig (ifconfig_t) "read write" to /var/run/tuncfg.lock (initrc_t).
Summary: SELinux is preventing /sbin/ifconfig (ifconfig_t) "read write" to /var/run/tu...
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 7
Hardware: All
OS: Linux
medium
low
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-09-17 09:36 UTC by Martin Jürgens
Modified: 2008-02-18 15:08 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2008-02-18 15:08:42 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
selinux_alert (2.10 KB, text/plain)
2007-09-17 09:36 UTC, Martin Jürgens 		no flags Details
View All

Description Martin Jürgens 2007-09-17 09:36:25 UTC 
Description of problem:
SELinux warning when logging in to Hamachi.


Additional info:

I have Hamachi installed. When I log in, I get that SELinux warning.
Comment 1 Martin Jürgens 2007-09-17 09:36:25 UTC 
Created attachment 197211 [details]
selinux_alert
Comment 2 Radek Vokál 2008-01-14 08:32:24 UTC 
I've never heard about Hamachi? Is that something I can install from a Fedora repo?
Comment 3 Martin Jürgens 2008-02-18 12:32:19 UTC 
No, it is not.. It is a proprietary VPN application, see
https://secure.logmein.com/home.asp?lang=de
Comment 4 Daniel Walsh 2008-02-18 15:08:42 UTC 
This is a leaked file descriptor.

Hamachi should be closing all file descriptors on exec.

fcntl(fd, F_SETFD, FD_CLOEXEC)

This can be ignored, as SELinux is closing the file descriptor before starting
ifconfig.  You can either dontaudit it or allow it using audit2allow, to get rid
of the message.

# audit2allow -M mypol -i /var/log/audit/audit.log 
# semodule -i mypol.pp
Note You need to log in before you can comment on or make changes to this bug.