Description of problem: SELinux denied access requested by iwconfig. It is not expected that this access is required by iwconfig and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Version-Release number of selected component (if applicable): selinux-policy-3.0.8-95.fc8, wireless-tools-29-0.2.pre22.fc8 How reproducible: Always Steps to Reproduce: 1. rmmod mac80211 2. rmmod iwl3945 3. modprobe iwl3945 Actual results: host=valkyrie.localdomain type=AVC msg=audit(1208885288.790:1014): avc: denied { search } for pid=3405 comm="iwconfig" name="keys" dev=debugfs ino=3538126 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=dir host=valkyrie.localdomain type=AVC msg=audit(1208885288.790:1014): avc: denied { search } for pid=3405 comm="iwconfig" name="netdev:wlan0" dev=debugfs ino=3538162 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=dir host=valkyrie.localdomain type=SYSCALL msg=audit(1208885288.790:1014): arch=c000003e syscall=16 success=yes exit=0 a0=3 a1=8b2a a2=7fff0645cc50 a3=0 items=0 ppid=3279 pid=3405 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="iwconfig" exe="/sbin/iwconfig" subj=system_u:system_r:ifconfig_t:s0-s0:c0.c1023 key=(null) Expected results: No AVCs Additional info: Source Context: system_u:system_r:ifconfig_t:s0-s0:c0.c1023 Target Context: system_u:object_r:debugfs_t:s0 Target Objects: ./keys [ dir ]Source: iwconfig Source Path: /sbin/iwconfig Port: <Unknown> Host: valkyrie.localdomainSource RPM Packages: wireless-tools-29-0.2.pre22.fc8 Target RPM Packages: Policy RPM: selinux-policy-3.0.8-95.fc8 Selinux Enabled: True Policy Type: targeted MLS Enabled: True Enforcing Mode: Enforcing Plugin Name: catchall_file Host Name: valkyrie.localdomain Platform: Linux valkyrie.localdomain 2.6.24.4-64.fc8 #1 SMP Sat Mar 29 09:15:49 EDT 2008 x86_64 x86_64 Occurrence count increments by two for each modprobe.
Fixed in selinux-policy-3.0.8-98.fc8
Closing all bugs that have been in modified for over a month. Please reopen if the bug is not actually fixed.