Fedora Account System
Red Hat Associate
Red Hat Customer
Resum: SELinux is preventing /bin/plymouth access to a leaked /dev/ptmx file descriptor. Descripció detallada: [plymouth has a permissive type (plymouth_t). This access was not denied.] SELinux denied access requested by the plymouth command. It looks like this is either a leaked descriptor or plymouth output was redirected to a file it is not allowed to access. Leaks usually can be ignored since SELinux is just closing the leak and reporting the error. The application does not use the descriptor, so it will run properly. If this is a redirection, you will not get output in the /dev/ptmx. You should generate a bugzilla on selinux-policy, and it will get routed to the appropriate package. You can safely ignore this avc. Permet l'accés: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Informació addicional: Context de la font system_u:system_r:plymouth_t:s0-s0:c0.c1023 Context de l'objectiu system_u:object_r:ptmx_t:s0 Objectes objectius /dev/ptmx [ chr_file ] Font plymouth Camí de la font /bin/plymouth Port <Desconegut> Ordinador (removed) Paquests RPM font plymouth-0.8.0-0.2009.29.09.19.1.fc12 Paquets RPM destí RPM de política selinux-policy-3.6.32-73.fc12 S'ha habilitat el Selinux True Tipus de la política targeted Mode forçat Enforcing Nom del connector leaks Nom de la màquina (removed) Plataforma Linux (removed) 2.6.31.12-174.2.3.fc12.x86_64 #1 SMP Mon Jan 18 19:52:07 UTC 2010 x86_64 x86_64 Contador d'alertes 6 Vist per primera vegada dc 09 des 2009 15:45:44 CET Vist per darrera vegada dv 22 gen 2010 00:44:54 CET Identificador local a04b6c84-22e9-4c41-82c5-3577f191e598 Número de línies Missatges d'auditoria sense p node=(removed) type=AVC msg=audit(1264117494.237:158): avc: denied { read write } for pid=27991 comm="plymouth" path="/dev/ptmx" dev=tmpfs ino=2149 scontext=system_u:system_r:plymouth_t:s0-s0:c0.c1023 tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file node=(removed) type=SYSCALL msg=audit(1264117494.237:158): arch=c000003e syscall=59 success=yes exit=0 a0=cad610 a1=cad360 a2=c6edc0 a3=18 items=0 ppid=27980 pid=27991 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="plymouth" exe="/bin/plymouth" subj=system_u:system_r:plymouth_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.32-73.fc12,leaks,plymouth,plymouth_t,ptmx_t,chr_file,read,write audit2allow suggests: #============= plymouth_t ============== allow plymouth_t ptmx_t:chr_file { read write };
Miroslav add term_use_ptmx(plymouth_t)
Fixed in selinux-policy-3.6.32-76.fc12.noarch
selinux-policy-3.6.32-78.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-78.fc12
selinux-policy-3.6.32-78.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2010-1207
selinux-policy-3.6.32-78.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.