Red Hat Bugzilla – Bug 459352
SELinux prevents NetworkManager access to pppd which is required for 3g mobile broadband
Last modified: 2008-08-18 12:41:32 EDT
Description of problem:
If, under NetworkManager, you select the GSM Network Connection then the connection fails. SELinux then warns that it has blocked access to pppd from NetworkManager, with the following information:
SummarySELinux is preventing pppd (pppd_t) "read write" to ./pppd2.tdb
SELinux denied access requested by pppd. It is not expected that this access is required by pppd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing AccessSometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./pppd2.tdb, restorecon -v './pppd2.tdb' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report against this package.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.Boot the machine and log in to the GNOME desktop
2.On the bottom right, click on the NetworkManager icon
3.Select "Auto GSM network connection"
4.Observe the SELinux star appear
SELinux prevents access to pppd preventing the machine from using 3g mobile broadband.
SELinux should allow access to pppd allowing the machine to access 3g mobile broadband services
Did you run the restorecon command? Did this fix the problem?
# restorecon -R -v /var/run/ppp*
I believe the problem is the file is somehow mislabled. If you can figure out which process created this file that is probably the cuplret.
If it is created via an init script we might need to add a restorecon command to the init script.
Yes, a relabel fixed it.