Bug 425271 - SELinux error on resume from suspend
SELinux error on resume from suspend
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: pm-utils (Show other bugs)
x86_64 Linux
high Severity high
: ---
: ---
Assigned To: Phil Knirsch
Depends On:
  Show dependency treegraph
Reported: 2007-12-14 14:07 EST by Gary Case
Modified: 2015-03-04 20:19 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-12-17 05:46:28 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Gary Case 2007-12-14 14:07:49 EST
Description of problem:
SELinux is preventing /usr/sbin/vbetool (vbetool_t) "write" to
/var/log/pm/suspend.log (pmtools_log_t).

Version-Release number of selected component (if applicable):
pm-utils-0.99.3-6.el5.17 (RHEL5.1 with no updates)

How reproducible:
Every time

Steps to Reproduce:
1. Suspend system
2. Resume system
Actual results:
SELinux error

Expected results:
No errors

Additional info:
Source Context:  system_u:system_r:vbetool_t
Target Context:  system_u:object_r:pmtools_log_t
Target Objects:  /var/log/pm/suspend.log [ file ]
Affected RPM Packages:  pm-utils-0.99.3-6.el5.17
[application]pm-utils-0.99.3-6.el5.17 [target]Policy 
RPM:  selinux-policy-2.4.6-104.el5
Selinux Enabled:  True
Policy Type:  targeted
MLS Enabled:  True
Enforcing Mode:  Enforcing
Plugin Name:  plugins.catchall_file
Host Name:  dhcp243-187.rdu.redhat.com
Platform:  Linux dhcp243-187.rdu.redhat.com 2.6.18-53.el5 #1 SMP Wed Oct 10
16:34:19 EDT 2007 x86_64 x86_64
Alert Count:  10
Line Numbers:   

Raw Audit Messages :
avc: denied { write } for comm="vbetool" dev=dm-0 egid=0 euid=0
exe="/usr/sbin/vbetool" exit=0 fsgid=0 fsuid=0 gid=0 items=0
path="/var/log/pm/suspend.log" pid=4564 scontext=system_u:system_r:vbetool_t:s0
sgid=0 subj=system_u:system_r:vbetool_t:s0 suid=0 tclass=file
tcontext=system_u:object_r:pmtools_log_t:s0 tty=(none) uid=0
Comment 1 RHEL Product and Program Management 2007-12-14 14:54:37 EST
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
Comment 2 Gary Case 2007-12-14 15:53:42 EST
It looks like this is fixed in the latest packages. I did a yum update to the
current RHN bits and the problem went away.

Comment 3 John Feeney 2007-12-14 16:06:59 EST
Probably due to bz327121. So I guess this is a dup.
Comment 4 Phil Knirsch 2007-12-17 05:46:28 EST
Ok, closing as ERRATA due to comment #2 and #3.

Read ya, Phil

Note You need to log in before you can comment on or make changes to this bug.