633039 – SELinux is preventing /usr/bin/tor "signal" access .

Bug 633039 - SELinux is preventing /usr/bin/tor "signal" access .

Summary: SELinux is preventing /usr/bin/tor "signal" access .

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	13
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Daniel Walsh
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-09-12 15:06 UTC by Christoph A.
Modified:	2010-09-22 00:38 UTC (History)
CC List:	2 users (show)
Fixed In Version:	selinux-policy-3.7.19-57.fc13
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-09-22 00:38:28 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Christoph A. 2010-09-12 15:06:26 UTC

Description of problem:

SELinux is preventing /usr/bin/tor "signal" access .

Source Context                system_u:system_r:tor_t:s0
Target Context                system_u:system_r:tor_t:s0
Target Objects                None [ process ]
Source                        tor
Source Path                   /usr/bin/tor
Port                          <Unknown>
Source RPM Packages           tor-core-0.2.1.26-1300.fc13
Target RPM Packages           
Policy RPM                    selinux-policy-3.7.19-54.fc13
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   catchall
Alert Count                   2

Raw Audit Messages            

type=AVC msg=audit(1284300096.284:59): avc:  denied  { signal } for  pid=1532 comm="tor" scontext=system_u:system_r:tor_t:s0 tcontext=system_u:system_r:tor_t:s0 tclass=process

type=SYSCALL msg=audit(1284300096.284:59): arch=c000003e syscall=234 success=yes exit=4294967424 a0=5fc a1=5fc a2=6 a3=8 items=0 ppid=1 pid=1532 auid=4294967295 uid=488 gid=485 euid=488 suid=488 fsuid=488 egid=485 sgid=485 fsgid=485 tty=(none) ses=4294967295 comm="tor" exe="/usr/bin/tor" subj=system_u:system_r:tor_t:s0 key=(null)


I think this access should be allowed.

Comment 1 Miroslav Grepl 2010-09-13 10:48:05 UTC

Fixed in selinux-policy-3.7.19-56.fc13

Comment 2 Fedora Update System 2010-09-13 16:08:46 UTC

selinux-policy-3.7.19-57.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-57.fc13

Comment 3 Fedora Update System 2010-09-15 05:30:01 UTC

selinux-policy-3.7.19-57.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update selinux-policy'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-57.fc13

Comment 4 Fedora Update System 2010-09-22 00:37:27 UTC

selinux-policy-3.7.19-57.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.