I tried pm_suspend on rawhide liveCD and immediately after awakening I got a notification "security alert AVC Denial" on the bottom of the screen. However the wifi connection worked well. Computer type: Toshiba U300-154 [root@localhost /]# lspci 00:00.0 Host bridge: Intel Corporation Mobile PM965/GM965/GL960 Memory Controller Hub (rev 03) 00:02.0 VGA compatible controller: Intel Corporation Mobile GM965/GL960 Integrated Graphics Controller (rev 03) 00:02.1 Display controller: Intel Corporation Mobile GM965/GL960 Integrated Graphics Controller (rev 03) 00:1a.0 USB Controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #4 (rev 03) 00:1a.1 USB Controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #5 (rev 03) 00:1a.7 USB Controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI Controller #2 (rev 03) 00:1b.0 Audio device: Intel Corporation 82801H (ICH8 Family) HD Audio Controller (rev 03) 00:1c.0 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 1 (rev 03) 00:1c.1 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 2 (rev 03) 00:1c.2 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 3 (rev 03) 00:1c.3 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 4 (rev 03) 00:1d.0 USB Controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #1 (rev 03) 00:1d.1 USB Controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #2 (rev 03) 00:1d.2 USB Controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #3 (rev 03) 00:1d.7 USB Controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI Controller #1 (rev 03) 00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev f3) 00:1f.0 ISA bridge: Intel Corporation 82801HEM (ICH8M) LPC Interface Controller (rev 03) 00:1f.1 IDE interface: Intel Corporation 82801HBM/HEM (ICH8M/ICH8M-E) IDE Controller (rev 03) 00:1f.2 SATA controller: Intel Corporation 82801HBM/HEM (ICH8M/ICH8M-E) SATA AHCI Controller (rev 03) 00:1f.3 SMBus: Intel Corporation 82801H (ICH8 Family) SMBus Controller (rev 03) 03:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8101E/RTL8102E PCI Express Fast Ethernet controller (rev 01) 04:00.0 Network controller: Intel Corporation PRO/Wireless 4965 AG or AGN [Kedron] Network Connection (rev 61) 0a:01.0 FireWire (IEEE 1394): Ricoh Co Ltd R5C832 IEEE 1394 Controller (rev 05) 0a:01.1 SD Host controller: Ricoh Co Ltd R5C822 SD/SDIO/MMC/MS/MSPro Host Adapter (rev 22) 0a:01.2 System peripheral: Ricoh Co Ltd R5C592 Memory Stick Bus Host Adapter (rev 12) 0a:01.3 System peripheral: Ricoh Co Ltd xD-Picture Card Controller (rev 12) [root@localhost /]# lsmod Module Size Used by iscsi_ibft 2745 0 iscsi_boot_sysfs 5845 1 iscsi_ibft iscsi_tcp 7511 0 libiscsi_tcp 11291 1 iscsi_tcp libiscsi 31454 2 iscsi_tcp,libiscsi_tcp scsi_transport_iscsi 26683 2 iscsi_tcp,libiscsi xts 1891 0 lrw 2146 0 gf128mul 6316 2 xts,lrw sha256_generic 11443 0 dm_crypt 12103 0 vfat 7095 0 fat 38076 1 vfat dm_round_robin 1831 0 dm_multipath 12907 1 dm_round_robin raid10 18631 0 raid456 55769 0 async_raid6_recov 4656 1 raid456 async_pq 3513 2 raid456,async_raid6_recov raid6_pq 78301 2 async_raid6_recov,async_pq async_xor 2741 3 raid456,async_raid6_recov,async_pq xor 12406 1 async_xor async_memcpy 1452 2 raid456,async_raid6_recov async_tx 2104 5 raid456,async_raid6_recov,async_pq,async_xor,async_memcpy raid1 17242 0 raid0 7463 0 tcp_lp 1867 0 sco 13401 2 bnep 12061 2 l2cap 45458 3 bnep fuse 53420 3 cpufreq_ondemand 7674 2 8021q 15564 0 garp 4926 1 8021q stp 1399 1 garp llc 3684 2 garp,stp acpi_cpufreq 6257 1 mperf 1145 1 acpi_cpufreq ip6t_REJECT 3387 2 nf_conntrack_ipv6 6637 1 nf_defrag_ipv6 7574 1 nf_conntrack_ipv6 ip6table_filter 1227 1 ip6_tables 9790 1 ip6table_filter btusb 12340 2 bluetooth 77640 8 sco,bnep,l2cap,btusb arc4 1097 2 snd_hda_codec_realtek 244498 1 iwlagn 229733 0 snd_hda_intel 20294 2 snd_hda_codec 69927 2 snd_hda_codec_realtek,snd_hda_intel iwlcore 125962 1 iwlagn snd_hwdep 4986 1 snd_hda_codec snd_seq 43761 0 snd_seq_device 5118 1 snd_seq snd_pcm 63871 2 snd_hda_intel,snd_hda_codec uvcvideo 48990 0 mac80211 201914 2 iwlagn,iwlcore r852 8081 0 microcode 11108 0 sm_common 6584 1 r852 nand 38523 2 r852,sm_common nand_ids 3786 1 nand nand_ecc 3448 1 nand snd_timer 15551 2 snd_seq,snd_pcm videodev 54789 1 uvcvideo mtd 18099 2 sm_common,nand snd 48010 12 snd_hda_codec_realtek,snd_hda_intel,snd_hda_codec,snd_hwdep,snd_seq,snd_seq_device,snd_pcm,snd_timer toshiba_bluetooth 1663 0 wmi 7722 0 soundcore 5039 1 snd iTCO_wdt 9288 0 i2c_i801 7957 0 snd_page_alloc 6112 2 snd_hda_intel,snd_pcm iTCO_vendor_support 2082 1 iTCO_wdt cfg80211 116073 3 iwlagn,iwlcore,mac80211 sparse_keymap 2650 0 serio_raw 3475 0 joydev 7284 0 r8169 30200 0 rfkill 13096 4 bluetooth,cfg80211 mii 3598 1 r8169 uinput 5434 0 ipv6 234732 17 ip6t_REJECT,nf_conntrack_ipv6,nf_defrag_ipv6 squashfs 36759 2 sdhci_pci 7200 0 sdhci 16292 1 sdhci_pci firewire_ohci 21872 0 mmc_core 61550 1 sdhci firewire_core 41048 1 firewire_ohci crc_itu_t 1251 1 firewire_core i915 305549 3 drm_kms_helper 24180 1 i915 drm 151605 4 i915,drm_kms_helper usb_storage 36099 1 i2c_algo_bit 4162 1 i915 i2c_core 21384 6 videodev,i2c_i801,i915,drm_kms_helper,drm,i2c_algo_bit video 10797 1 i915 This is the SELinux report: SELinux is preventing /usr/sbin/wpa_supplicant from using the sys_module capability. ***** Plugin sys_module (99.5 confidence) suggests ************************* If you do not believe that /usr/sbin/wpa_supplicant should be attempting to modify the kernel by loading a kernel module. Then a process might be attempting to hack into your system. Do contact your security administrator and report this issue. ***** Plugin catchall (1.49 confidence) suggests *************************** If you believe that wpa_supplicant should have the sys_module capability by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep wpa_supplicant /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:NetworkManager_t:s0-s0:c0.c1023 Target Context system_u:system_r:NetworkManager_t:s0-s0:c0.c1023 Target Objects Unknown [ capability ] Source wpa_supplicant Source Path /usr/sbin/wpa_supplicant Port <Unknown> Host localhost.localdomain Source RPM Packages wpa_supplicant-0.7.3-4.fc15 Target RPM Packages Policy RPM selinux-policy-3.9.16-6.fc15 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.38-1.fc15.i686 #1 SMP Tue Mar 15 05:26:56 UTC 2011 i686 i686 Alert Count 3 First Seen Thu 24 Mar 2011 09:13:32 AM EDT Last Seen Thu 24 Mar 2011 09:52:31 AM EDT Local ID 96d6094d-7a84-47ca-99a7-1d8e7d0eef7a Raw Audit Messages type=AVC msg=audit(1300974751.581:30): avc: denied { sys_module } for pid=1296 comm="wpa_supplicant" capability=16 scontext=system_u:system_r:NetworkManager_t:s0-s0:c0.c1023 tcontext=system_u:system_r:NetworkManager_t:s0-s0:c0.c1023 tclass=capability type=SYSCALL msg=audit(1300974751.581:30): arch=i386 syscall=ioctl success=no exit=ENODEV a0=7 a1=8933 a2=bfafafbc a3=7 items=0 ppid=1 pid=1296 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=wpa_supplicant exe=/usr/sbin/wpa_supplicant subj=system_u:system_r:NetworkManager_t:s0-s0:c0.c1023 key=(null) Hash: wpa_supplicant,NetworkManager_t,NetworkManager_t,capability,sys_module audit2allow #============= NetworkManager_t ============== allow NetworkManager_t self:capability sys_module; audit2allow -R #============= NetworkManager_t ============== allow NetworkManager_t self:capability sys_module;
*** This bug has been marked as a duplicate of bug 684415 ***