862152 – SELinux is preventing /usr/libexec/mission-control-5 from 'write' accesses on the directory /var/lib/gdm/.local/share/telepathy/mission-control.

Bug 862152 - SELinux is preventing /usr/libexec/mission-control-5 from 'write' accesses on the directory /var/lib/gdm/.local/share/telepathy/mission-control.

Summary: SELinux is preventing /usr/libexec/mission-control-5 from 'write' accesses on...

Keywords:
Status:	CLOSED DUPLICATE of bug 862156
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	18
Hardware:	x86_64
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Miroslav Grepl
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:	abrt_hash:670268636ba16e91815d1315021...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-10-02 04:12 UTC by D. Charles Pyle
Modified:	2012-10-02 08:29 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2012-10-02 08:29:34 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
File: type (9 bytes, text/plain) 2012-10-02 04:12 UTC, D. Charles Pyle	no flags	Details
File: hashmarkername (14 bytes, text/plain) 2012-10-02 04:12 UTC, D. Charles Pyle	no flags	Details
View All

Description D. Charles Pyle 2012-10-02 04:12:27 UTC

Additional info:
libreport version: 2.0.14
kernel:         3.6.0-0.rc7.git1.4.fc18.x86_64

description:
:SELinux is preventing /usr/libexec/mission-control-5 from 'write' accesses on the directory /var/lib/gdm/.local/share/telepathy/mission-control.
:
:*****  Plugin catchall (100. confidence) suggests  ***************************
:
:If you believe that mission-control-5 should be allowed write access on the mission-control directory by default.
:Then you should report this as a bug.
:You can generate a local policy module to allow this access.
:Do
:allow this access for now by executing:
:# grep mission-control /var/log/audit/audit.log | audit2allow -M mypol
:# semodule -i mypol.pp
:
:Additional Information:
:Source Context                system_u:system_r:xdm_dbusd_t:s0-s0:c0.c1023
:Target Context                system_u:object_r:xdm_var_lib_t:s0
:Target Objects                /var/lib/gdm/.local/share/telepathy/mission-
:                              control [ dir ]
:Source                        mission-control
:Source Path                   /usr/libexec/mission-control-5
:Port                          <Unknown>
:Host                          (removed)
:Source RPM Packages           telepathy-mission-control-5.13.2-1.fc18.x86_64
:Target RPM Packages           
:Policy RPM                    selinux-policy-3.11.1-25.fc18.noarch
:Selinux Enabled               True
:Policy Type                   targeted
:Enforcing Mode                Permissive
:Host Name                     (removed)
:Platform                      Linux (removed) 3.6.0-0.rc7.git1.4.fc18.x86_64 #1
:                              SMP Tue Sep 25 19:55:25 UTC 2012 x86_64 x86_64
:Alert Count                   3
:First Seen                    2012-09-30 12:50:04 MDT
:Last Seen                     2012-10-01 16:37:26 MDT
:Local ID                      4cc21226-3379-47a4-a38f-2aa71c0b97ca
:
:Raw Audit Messages
:type=AVC msg=audit(1349131046.874:136): avc:  denied  { write } for  pid=3465 comm="mission-control" name="mission-control" dev="dm-1" ino=2365499 scontext=system_u:system_r:xdm_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=dir
:
:
:type=AVC msg=audit(1349131046.874:136): avc:  denied  { add_name } for  pid=3465 comm="mission-control" name="accounts-goa.cfg.C8UELW" scontext=system_u:system_r:xdm_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=dir
:
:
:type=AVC msg=audit(1349131046.874:136): avc:  denied  { create } for  pid=3465 comm="mission-control" name="accounts-goa.cfg.C8UELW" scontext=system_u:system_r:xdm_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=file
:
:
:type=AVC msg=audit(1349131046.874:136): avc:  denied  { write } for  pid=3465 comm="mission-control" path="/var/lib/gdm/.local/share/telepathy/mission-control/accounts-goa.cfg.C8UELW" dev="dm-1" ino=2367378 scontext=system_u:system_r:xdm_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=file
:
:
:type=SYSCALL msg=audit(1349131046.874:136): arch=x86_64 syscall=open success=yes exit=EIO a0=a3eab0 a1=c2 a2=1b6 a3=0 items=0 ppid=3464 pid=3465 auid=42 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) ses=3 comm=mission-control exe=/usr/libexec/mission-control-5 subj=system_u:system_r:xdm_dbusd_t:s0-s0:c0.c1023 key=(null)
:
:Hash: mission-control,xdm_dbusd_t,xdm_var_lib_t,dir,write
:
:audit2allow
:
:#============= xdm_dbusd_t ==============
:#!!!! This avc is allowed in the current policy
:
:allow xdm_dbusd_t xdm_var_lib_t:dir { write add_name };
:#!!!! This avc is allowed in the current policy
:
:allow xdm_dbusd_t xdm_var_lib_t:file { write create };
:
:audit2allow -R
:
:#============= xdm_dbusd_t ==============
:#!!!! This avc is allowed in the current policy
:
:allow xdm_dbusd_t xdm_var_lib_t:dir { write add_name };
:#!!!! This avc is allowed in the current policy
:
:allow xdm_dbusd_t xdm_var_lib_t:file { write create };
:

Comment 1 D. Charles Pyle 2012-10-02 04:12:29 UTC

Created attachment 620120 [details]
File: type

Comment 2 D. Charles Pyle 2012-10-02 04:12:31 UTC

Created attachment 620121 [details]
File: hashmarkername

Comment 3 Miroslav Grepl 2012-10-02 08:29:34 UTC


*** This bug has been marked as a duplicate of bug 862156 ***

Note You need to log in before you can comment on or make changes to this bug.