506890 – SELinux is preventing udev-acl.ck (consolekit_t) "getattr" udev_tbl_t.

Bug 506890 - SELinux is preventing udev-acl.ck (consolekit_t) "getattr" udev_tbl_t.

Summary: SELinux is preventing udev-acl.ck (consolekit_t) "getattr" udev_tbl_t.

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	rawhide
Hardware:	i686
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Daniel Walsh
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2009-06-19 06:58 UTC by av.ankit
Modified:	2009-06-19 08:18 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2009-06-19 08:18:45 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description av.ankit 2009-06-19 06:58:04 UTC

Description of problem:
SELinux is preventing udev-acl.ck (consolekit_t) "getattr" udev_tbl_t.

Detailed Description:

SELinux denied access requested by udev-acl.ck. It is not expected that this
access is required by udev-acl.ck and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Version-Release number of selected component (if applicable):
Additional Information:

Source Context                system_u:system_r:consolekit_t:s0-s0:c0.c1023
Target Context                system_u:object_r:udev_tbl_t:s0
Target Objects                /dev/.udev/db/\x2fdevices\x2fvirtual\x2fblock\x2fl
                              oop7 [ file ]
Source                        udev-acl.ck
Source Path                   /lib/udev/udev-acl
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           udev-extras-20090516-0.5.20090601git.fc12
Target RPM Packages           
Policy RPM                    selinux-policy-3.6.16-2.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     (removed)
Platform                      Linux Ankit 2.6.30-6.fc12.i586 #1 SMP Fri Jun 12
                              11:36:06 EDT 2009 i686 i686
Alert Count                   1
First Seen                    Fri 19 Jun 2009 11:45:57 AM IST
Last Seen                     Fri 19 Jun 2009 11:45:57 AM IST
Local ID                      a22e1198-f936-4c58-9fde-2df6991a64be
Line Numbers                  

Raw Audit Messages            

node=Ankit type=AVC msg=audit(1245392157.104:1254): avc:  denied  { getattr } for  pid=26092 comm="udev-acl.ck" path="/dev/.udev/db/\x2fdevices\x2fvirtual\x2fblock\x2floop7" dev=tmpfs ino=5445 scontext=system_u:system_r:consolekit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:udev_tbl_t:s0 tclass=file

node=Ankit type=SYSCALL msg=audit(1245392157.104:1254): arch=40000003 syscall=196 success=no exit=-13 a0=bf8bc85c a1=bf8bb3fc a2=328ff4 a3=bf8bc86a items=0 ppid=1296 pid=26092 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="udev-acl.ck" exe="/lib/udev/udev-acl" subj=system_u:system_r:consolekit_t:s0-s0:c0.c1023 key=(null)




How reproducible:
a lot! has happened more than 70-80 times within 2-3 days!!

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 Miroslav Grepl 2009-06-19 08:18:45 UTC

Fixed in selinux-policy-3.6.16-4.fc12

Note You need to log in before you can comment on or make changes to this bug.