Red Hat Bugzilla – Bug 861607
Unconfined daemon rngd
Last modified: 2012-12-20 10:27:30 EST
Description of problem:
The rngd (random number generator daemon) runs as initrc_t. Its a required daemon to pull entropy from a tpm chip or an ivy bridge processor and push it into /dev/random. Its part of the rng-tools package.
Steps to Reproduce:
1. systemctl start rngd.service
2. ps -eZ | grep initrc_t
Created attachment 619107 [details]
a rng starting point
The enclosed policy module is what i managed to get
i used /dev/urandom as the "Kernel device used for random number input" i could not get anything else to work on my system.
Theres a bug in rng_admin() where it should call rng_systemctl_rngd($1) instead of rng_systemctl($1)
Fixed in selinux-policy-3.11.1-37.fc18.noarch
selinux-policy-3.11.1-43.fc18 has been submitted as an update for Fedora 18.
selinux-policy-3.11.1-46.fc18 has been submitted as an update for Fedora 18.
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing selinux-policy-3.11.1-46.fc18'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
selinux-policy-3.11.1-46.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.