Bug 429603 - selinux is preventing NetworkManager from writing to /var/pm-suspend.log
selinux is preventing NetworkManager from writing to /var/pm-suspend.log
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2008-01-21 16:40 EST by Alex Eskin
Modified: 2008-03-05 17:17 EST (History)
0 users

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-03-05 17:17:07 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Alex Eskin 2008-01-21 16:40:50 EST
Description of problem:


SELinux is preventing /usr/sbin/NetworkManager (NetworkManager_t) "write" to
/var/log/pm-suspend.log (hald_log_t).

Detailed Description

SELinux denied access requested by /usr/sbin/NetworkManager. It is not expected
that this access is required by /usr/sbin/NetworkManager and this access may
signal an intrusion attempt. It is also possible that the specific version or
configuration of the application is causing it to require additional access.

Additional Information

Source Context:  system_u:system_r:NetworkManager_t:s0
Target Context:  system_u:object_r:hald_log_t:s0Target
Objects:  /var/log/pm-suspend.log [ file ]Affected RPM
Packages:  NetworkManager-0.7.0-0.6.6.svn3138.fc8
[application]pm-utils-0.99.4-6.fc8 [target]Policy RPM:  selinux-policy-3.0.8-72.fc8
Selinux Enabled:  TruePolicy Type:  targeted
MLS Enabled:  True
Enforcing Mode:  Enforcing
Plugin Name:  plugins.catchall_file
Host Name:  bach.myhome.net
Platform:  Linux bach.myhome.net #1 SMP Fri Dec 7 15:49:59 EST
2007 i686 i686Alert Count:  4First Seen:  Fri 11 Jan 2008 06:15:26 AM CSTLast
Seen:  Sat 12 Jan 2008 01:02:00 PM CSTLocal
ID:  9a9049cf-b054-4924-b7a6-9dff384eb9c6Line Numbers:  

Raw Audit Messages :avc: denied { write } for comm=NetworkManager dev=dm-0
egid=0 euid=0 exe=/usr/sbin/NetworkManager exit=0 fsgid=0 fsuid=0 gid=0 items=0
path=/var/log/pm-suspend.log pid=3118
scontext=system_u:system_r:NetworkManager_t:s0 sgid=0
subj=system_u:system_r:NetworkManager_t:s0 suid=0 tclass=file
tcontext=system_u:object_r:hald_log_t:s0 tty=(none) uid=0 

Version-Release number of selected component (if applicable):

How reproducible:

Always happens on suspend/resume

Steps to Reproduce:
1. Start NetworkManager
2. Suspend to Ram
3. Resume
Actual results:

Expected results:

Additional info:
Comment 1 Daniel Walsh 2008-01-22 09:25:33 EST
You can allow this for now by executing 

# audit2allow -M mypol -i /var/log/audit/audit.log 
# semodule -i mypol.pp

Fixed in selinux-policy-3.0.8-81.fc8
Comment 2 Daniel Walsh 2008-03-05 17:17:07 EST
Bugs have been in modified for over one month.  Closing as fixed in current
release please reopen if the problem still persists.

Note You need to log in before you can comment on or make changes to this bug.