Description of problem: usbmuxd does not start when my iphone is plugged in. /var/log/audit logs: type=SELINUX_ERR msg=audit(1267609151.230:27): security_compute_sid: invalid context system_u:system_r:usbmuxd_t:s0-s0:c0.c1023 for scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:object_r:usbmuxd_exec_t:s0 tclass=process type=SYSCALL msg=audit(1267609151.230:27): arch=c000003e syscall=59 success=no exit=-13 a0=7ffff85956c0 a1=7ffff8593e10 a2=27510c0 a3=7f89adc88a70 items=0 ppid=1645 pid=2303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="udevd" exe="/sbin/udevd" subj=system_u:system_r:udev_t:s0-s0:c0.c1023 key=(null) and usbmuxd doesn't start. setroubleshoot doesn't show anything, but turning selinux back to enforcing mode fixes this. Alternately (ie with selinux still in enforce mode), running |/usr/sbin/usbmuxd -u -Uusbmuxd| manually from the command line (which is what the udev rules do) works without error, and the gvfsd automount stuff Just Works Version-Release number of selected component (if applicable): selinux-policy-3.6.32-89.fc12.noarch libselinux-2.0.90-5.fc12.x86_64 kernel-2.6.31.12-174.2.22.fc12.x86_64 usbmuxd-1.0.0-4.fc12.x86_64 libimobiledevice-0.9.7-2.fc12.x86_64 udev-145-15.fc12.x86_64 How reproducible: Always Steps to Reproduce: 1. Plug in iphone Actual results: usbmuxd doesn't start, error in audit.log No automount of gfvs-afc Expected results: usbmuxd starts, and file system automatically mounted Additional info: This broke with the update to usbmuxd 1.0
I tried relabeling (touch /.autorelabel and reboot) but that didn't help.
Dan, we are missing role-type statement role system_r types usbmuxd_t; Bradley, you can allow this for now using # grep usbmuxd /var/log/audit/audit.log | audit2allow -M myusbmuxd # semodule -i myusbmuxd.pp Fixed in selinux-policy-3.6.32-97.fc12
*** Bug 570423 has been marked as a duplicate of this bug. ***
Will that be added to the selinux-policy so it doesn't need to be manually done for each person?
Looks like it's in updates-testing right now
Peter, yes, it is fixed in selinux-policy-3.6.32-97.fc12 I am going to push out an update today.
please ignore me, I need coffee...
selinux-policy-3.6.32-99.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-99.fc12
selinux-policy-3.6.32-99.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-99.fc12
selinux-policy-3.6.32-99.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.