Bug 449340 - Updates trigger selinux alert ( rsylogd, dbus-daemon, mono )
Summary: Updates trigger selinux alert ( rsylogd, dbus-daemon, mono )
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: rawhide
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-06-02 09:55 UTC by Jóhann B. Guðmundsson
Modified: 2008-06-04 17:47 UTC (History)
3 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2008-06-04 17:47:48 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
Selinux-alerts recived.... (13.72 KB, text/plain)
2008-06-02 09:55 UTC, Jóhann B. Guðmundsson 		no flags Details
SELinux alert regarding mono "unix_read unix_write" to <Unknown> (unlabeled_t) (2.53 KB, text/plain)
2008-06-03 04:10 UTC, David R. 		no flags Details
View All

Description Jóhann B. Guðmundsson 2008-06-02 09:55:18 UTC 
Description of problem:

Updating to rawhide today ( 02.06.2008 )
trigger selinux alerts against rsyslog and dbus-daemon 
see attached files for details.

In the attached files are also 3 alerts against mono that 
I received on 22.05.2008 

This is an default install of f9 upgraded to rawhide.

Running recommended solution ( Allow access ) for rsyslog and dbus-daemon
result in:

[root@localhost ~]# restorecon -v './meminfo'
restorecon:  stat error on ./meminfo:  No such file or directory

[root@localhost ~]# restorecon -v './gconfd-2'
restorecon:  stat error on ./gconfd-2:  No such file or directory


Version-Release number of selected component (if applicable):

[root@localhost ~]# rpm -qa | grep selinux
libselinux-python-2.0.64-2.fc10.i386
selinux-policy-targeted-3.3.1-51.fc9.noarch
libselinux-2.0.64-2.fc10.i386
selinux-policy-3.3.1-51.fc9.noarch


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Jóhann B. Guðmundsson 2008-06-02 09:55:18 UTC 
Created attachment 307342 [details]
Selinux-alerts recived....
Comment 2 David R. 2008-06-03 04:06:58 UTC 
Fedora noob here, finally upgrading from Mandrake 8.1(!), and I think my bug is
related (re: SELinux barking at mono).

Did a comprehensive Fedora 9 install a couple of weeks ago, let the box stay off
for a while, then a few days ago I powered back up and pulled down ~110 updates.
 Let those complete in the background.

Got back to my console tonight, and found a message that Tomboy Notes had shut
down, and did I want to reload?  OK, I figure that one of the updates required
Tomboy Notes to shut down.  So I say yes, and while Tomboy Notes does come back,
I get an SELinux alert, says that "SELinux is preventing mono
(unconfined_mono_t) "unix_read unix_write" to <Unknown> (unlabeled_t)."

I don't know if this is reproducible... I would imagine that the update caused
it, and updates happen only once.  I'll make an attachment of the SELinux report.
Comment 3 David R. 2008-06-03 04:10:08 UTC 
Created attachment 308184 [details]
SELinux alert regarding mono "unix_read unix_write" to <Unknown> (unlabeled_t)

This alert popped up after choosing "Reload" to restart Tomboy Notes after the
latest round of automatic updates were applied
Comment 4 Peter Dawes 2008-06-04 16:37:41 UTC 
Fresh install of Fedora 9 this morning, followed by updates.  Can't log as any
user afterwards (users supplied by NIS).  SELinux errors on dbus, mono, ypbind
and some that come up "unknown".  I'm trying an auto-relabel, and will post
results.  If it doesn't work, I'll also post some more specific selinux errors.
Comment 5 Daniel Walsh 2008-06-04 17:47:48 UTC 
Please open separate bugzilla's.  The rawhide issue should be fixed by latest
policy.

Fixed in selinux-policy-3_4_1-3_fc10
Note You need to log in before you can comment on or make changes to this bug.