Red Hat Bugzilla – Bug 350711
selinux denies /usr/lib/pm-utils/sleep.d/20video access to /var/run/vbemode
Last modified: 2008-01-30 14:18:45 EST
Since I updated to selinux-policy-2.6.4-48.fc7, resuming my Thinkpad T43 from
suspend has produced a couple of violations in setroubleshoot. This is probably
only hit on laptops that use the VBEMODE_RESTORE power management quirk.
Created attachment 236381 [details]
first selinux alert
Created attachment 236391 [details]
Second selinux alert
Looks like this a bug in policy or the app. Not sure who is creating this file,
but it needs to be labeled hald_var_run_t.
chcon -t hald_var_run_t /var/run/vbemode
will set the file context until the file is recreated.
I will add this context to the file system, you can test my fix by adding it
semanage fcontext -a -t hald_var_run_t '/var/run/vbe.*'
Should add it, See if this fixes the problem.
Fixed in selinux-policy-2.6.4-55.fc7
Bulk closing all bugs in Fedora updates in the modified state. If you bug is
not fixed, please reopen.