Bug 365311 - vmware selinux errors
Summary: vmware selinux errors
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 8
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-11-03 18:06 UTC by Need Real Name
Modified: 2007-11-30 22:12 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-11-12 16:24:15 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Need Real Name 2007-11-03 18:06:56 UTC 
avc: denied { read write } for comm=vmnet-netifup dev=tmpfs egid=0 euid=0
exe=/usr/bin/vmnet-netifup exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=vmnet8
pid=2061 scontext=system_u:system_r:vmware_host_t:s0 sgid=0
subj=system_u:system_r:vmware_host_t:s0 suid=0 tclass=chr_file
tcontext=system_u:object_r:device_t:s0 tty=(none) uid=0 

avc: denied { getattr } for comm=tmpwatch dev=sda2 egid=0 euid=0
exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0
path=/tmp/vmware-distrib pid=5530 scontext=system_u:system_r:tmpreaper_t:s0
sgid=0 subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=dir
tcontext=user_u:object_r:default_t:s0 tty=(none) uid=0
Comment 1 Daniel Walsh 2007-11-12 16:24:15 UTC 
Not sure how /dev/vmnet8 got created, but it is labeled icorrectly.  It should
be labeled vmware_device_t.  If vmware scripts are creating the device they
should be executing restorecon /dev/vmnet8 after the creation or use udev to
create it.

The second bug looks like a directory that was moved from / to /tmp


The default label of files created in / is default_t but this should be labeled
tmp_t on /tmp.  Not sure how this got created.
Note You need to log in before you can comment on or make changes to this bug.