Sumário: SELinux is preventing /usr/sbin/pppd "read" access on /var/lock/LCK..ttyUSB0. Descrição detalhada: SELinux denied access requested by pppd. It is not expected that this access is required by pppd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Permitindo acesso: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Informações adicionais: Contexto de origem system_u:system_r:pppd_t:s0 Contexto de destino unconfined_u:object_r:var_lock_t:s0 Objetos de destino /var/lock/LCK..ttyUSB0 [ file ] Origem pppd Caminho da origem /usr/sbin/pppd Porta <Desconhecido> Máquina (removed) Pacotes RPM de origem ppp-2.4.5-8.fc12 Pacotes RPM de destino RPM da política selinux-policy-3.6.32-110.fc12 Selinux habilitado True Tipo de política targeted Modo reforçado Enforcing Nome do plugin catchall Nome da máquina (removed) Plataforma Linux (removed) 2.6.32.11-102.fc12.i686.PAE #1 SMP Tue Apr 13 15:51:45 UTC 2010 i686 i686 Contador de alertas 2 Visto pela primeira vez em Qua 21 Abr 2010 15:37:53 BRT Visto pela última vez em Qua 21 Abr 2010 15:38:35 BRT ID local 9e143e27-9cca-48bb-abaa-d432055484a8 Números de linha Mensagens de auditoria não p node=(removed) type=AVC msg=audit(1271875115.334:27004): avc: denied { read } for pid=7642 comm="pppd" name="LCK..ttyUSB0" dev=sda2 ino=131675 scontext=system_u:system_r:pppd_t:s0 tcontext=unconfined_u:object_r:var_lock_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1271875115.334:27004): arch=40000003 syscall=5 success=no exit=-13 a0=e16900 a1=0 a2=0 a3=e16900 items=0 ppid=1290 pid=7642 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="pppd" exe="/usr/sbin/pppd" subj=system_u:system_r:pppd_t:s0 key=(null) Hash String generated from catchall,pppd,pppd_t,var_lock_t,file,read audit2allow suggests: #============= pppd_t ============== allow pppd_t var_lock_t:file read;
Is pppd being started when you insert a usb stick? Reassigning to pppd people to see if they have an idea. I have a feeling you can ignore this for now.
Dan, this is good question... I didn't observe starting pppd when USB stick is inserted. Well, I'd like to forward this question to reporter. Please, could you answer comment #1?
I don't currently see any possible action from ppp side therefore switching back to selinux-policy.
Are you still seeing this problem?
This message is a reminder that Fedora 12 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 12. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '12'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 12's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 12 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
If it's closed and "not a bug" then why is it preventing my mobile broadband connection from working? What's the fix? I'm running F14.
Lech could you try this # semanage permissive -a pppd_t Then try your mobile broadand. When you are done, attach the output of ausearch -m avc -ts recent
F14 has /var/lock root:root should unpoeterred: root:lock with group rwx works for rxtx maybe this has anything to do with mobile-connection?
Hi Daniel, Thanks, I changed the SELinux settings graphically to permissive (and have since disabled SELinux anyway), which seemed to fix the problem in my case.