User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.3) Gecko/20100403 Fedora/3.6.3-4.fc13 Firefox/3.6.3 Summary: SELinux is preventing /usr/sbin/bluetoothd "read" access to device rfcomm0. Detailed Description: SELinux has denied bluetoothd "read" access to device rfcomm0. rfcomm0 is mislabeled, this device has the default label of the /dev directory, which should not happen. All Character and/or Block Devices should have a label. You can attempt to change the label of the file using restorecon -v 'rfcomm0'. If this device remains labeled device_t, then this is a bug in SELinux policy. Please file a bg report. If you look at the other similar devices labels, ls -lZ /dev/SIMILAR, and find a type that would work for rfcomm0, you can use chcon -t SIMILAR_TYPE 'rfcomm0', If this fixes the problem, you can make this permanent by executing semanage fcontext -a -t SIMILAR_TYPE 'rfcomm0' If the restorecon changes the context, this indicates that the application that created the device, created it without using SELinux APIs. If you can figure out which application created the device, please file a bug report against this application. Allowing Access: Attempt restorecon -v 'rfcomm0' or chcon -t SIMILAR_TYPE 'rfcomm0' Additional Information: Source Context system_u:system_r:bluetooth_t:s0-s0:c0.c1023 Target Context system_u:object_r:device_t:s0 Target Objects rfcomm0 [ chr_file ] Source bluetoothd Source Path /usr/sbin/bluetoothd Port <Unknown> Host (removed) Source RPM Packages bluez-4.64-1.fc13 Target RPM Packages Policy RPM selinux-policy-3.7.19-23.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name device Host Name (removed) Platform Linux sam-n210 2.6.33.5-124.fc13.i686 #1 SMP Fri Jun 11 09:48:40 UTC 2010 i686 i686 Alert Count 11 First Seen Mon 21 Jun 2010 10:44:00 AM IST Last Seen Tue 22 Jun 2010 08:16:19 PM IST Local ID a6d1dc8c-1b2e-414e-9563-a00cc0c9a52a Line Numbers Raw Audit Messages node=sam-n210 type=AVC msg=audit(1277217979.864:19): avc: denied { read } for pid=1355 comm="bluetoothd" name="rfcomm0" dev=devtmpfs ino=18215 scontext=system_u:system_r:bluetooth_t:s0-s0:c0.c1023 tcontext=system_u:object_r:device_t:s0 tclass=chr_file node=sam-n210 type=SYSCALL msg=audit(1277217979.864:19): arch=40000003 syscall=5 success=no exit=-13 a0=fed8d8 a1=100 a2=0 a3=ff3018 items=0 ppid=1 pid=1355 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bluetoothd" exe="/usr/sbin/bluetoothd" subj=system_u:system_r:bluetooth_t:s0-s0:c0.c1023 key=(null) Reproducible: Always
If you look at the device is it labelled device_t? ls -lZ /dev/rfcomm0
(In reply to comment #1) > If you look at the device is it labelled device_t? > > ls -lZ /dev/rfcomm0 there is no bluetoothd file or folder inside sbin then ls shows [kannan@sam210 ~]$ ls -lZ /dev/rfcomm0 crw-rw----. root dialout system_u:object_r:tty_device_t:s0 /dev/rfcomm0 sir i am new to linux and liked its engneering so brifly explain what to do
I just wanted to know what SELinux security context has /dev/rfcomm00 device. ls -Z ... this option will show SELinux security context Information about SELinux: http://fedoraproject.org/wiki/SELinux http://danwalsh.livejournal.com/22347.html
*** This bug has been marked as a duplicate of bug 566332 ***