Bug 445618 - SELinux is blocking smartd
SELinux is blocking smartd
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-05-07 21:10 EDT by Leslie Brooks
Modified: 2008-05-08 11:25 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-05-08 11:25:55 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
SELinux error report (2.41 KB, text/plain)
2008-05-07 21:10 EDT, Leslie Brooks
no flags Details

  None (edit)
Description Leslie Brooks 2008-05-07 21:10:34 EDT
Description of problem:
SELinux popped up a block message saying that smartd had violated the rules.  I
suspect that smartd is behaving properly and that SELinux is at fault, but I
haven't the slightest bit of proof.

Version-Release number of selected component (if applicable):


How reproducible:
 Don't know; I have had the system running for fifteen or twenty minutes and it
just popped up.  However, it didn't happen previously when I had the system
running far longer.

Steps to Reproduce:
1. Probably crucial, run 'hdparm -S 6 /dev/sdb'; this causes the drive motor to
spin down after 30 seconds of inactivity.  I did _not_ do that previously but
_did_ do that today, and got the error shortly after that.
2. run 'hdparm -C /dev/sdb' to confirm that it has spun down
3. Some minutes later the error message popped up.
  
Actual results:
 See attached SELinux report.

Expected results:


Additional info:
This is with the April beta; I will try to reproduce it with this month's
Preview release.
Comment 1 Leslie Brooks 2008-05-07 21:10:34 EDT
Created attachment 304823 [details]
SELinux error report
Comment 2 Daniel Walsh 2008-05-08 11:25:55 EDT
You can allow this for now.

# audit2allow -M mypol -l -i /var/log/audit/audit.log
# semodule -i mypol.pp

Fixed in selinux-policy-3.3.1-48.fc9.noarch

Note You need to log in before you can comment on or make changes to this bug.