Bug 234776 - AVC errors by hal-addon-acpi
Summary: AVC errors by hal-addon-acpi
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: 6
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2007-04-01 21:49 UTC by Gérard Milmeister
Modified: 2007-11-30 22:12 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-04-05 17:47:26 UTC



Description Gérard Milmeister 2007-04-01 21:49:45 UTC
I get the following errors on my notebook with targeted policy enabled:

Apr  1 23:47:53 kodaly kernel: audit(1175464073.509:149): avc:  denied  { connectto } for  pid=4294 comm="hald-addon-acpi" name="acpid.socket" scontext=user_u:system_r:hald_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=unix_stream_socket

I used restorecon to reset the labeling of the files in /var, but the problem is
still present. The message appears about every 5 seconds.

Comment 1 Daniel Walsh 2007-04-02 17:41:25 UTC
apmd must not be running in the right context on this machine.

On my machine I have the following:

# ps -eZ | grep apmd
system_u:system_r:apmd_t         2480 ?        00:00:00 acpid

ls -lZ /var/run/acpid.socket 
srw-rw-rw-  root root system_u:object_r:apmd_var_run_t /var/run/acpid.socket

# ls -lZ /usr/sbin/acpid
-rwxr-x---  root root system_u:object_r:apmd_exec_t    /usr/sbin/acpid


Comment 2 Gérard Milmeister 2007-04-02 17:50:27 UTC
It's acpid, not apmd. Here is what I got:

$ps -eZ | grep acpid 
system_u:system_r:kernel_t         62 ?        00:00:02 kacpid
user_u:system_r:initrc_t         7166 ?        00:00:00 acpid

$ls -lZ /var/run/acpid.socket 
srw-rw-rw-  root root user_u:object_r:var_run_t        /var/run/acpid.socket=

$ls -lZ /usr/sbin/acpid       
-rwxr-x---  root root system_u:object_r:apmd_exec_t    /usr/sbin/acpid*

Comment 3 Gérard Milmeister 2007-04-02 18:02:44 UTC
Also, starting acpid using /etc/init.d/acpid always sets the type of
acpid.socket to var_run_t, even if I previously restored it to apmd_var_run_t.

Comment 4 Daniel Walsh 2007-04-02 18:12:17 UTC
getsebool -a | grep apm

Did you disable transition on acpid?



Comment 5 Gérard Milmeister 2007-04-02 18:41:39 UTC
Yes it was disabled. I enabled it again, and now everything seems to be as it
should. I don't know how it got changed at all.
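
Added example (not part of the original bug report or of any comment above): a small Python triage script that parses AVC denials like the one in the description and flags those whose target is a process still labelled initrc_t, the symptom this thread traced to a disabled domain transition for acpid. The function names, the set of process-owned classes and the second sample line are assumptions made for illustration.

```python
import re

# Constructed sample: the first line is modelled on the denial in the bug
# description; the second is an invented, unrelated denial for contrast.
SAMPLE_LOG = (
    'Apr  1 23:47:53 kodaly kernel: audit(1175464073.509:149): avc:  denied  '
    '{ connectto } for  pid=4294 comm="hald-addon-acpi" name="acpid.socket" '
    'scontext=user_u:system_r:hald_t:s0 tcontext=system_u:system_r:initrc_t:s0 '
    'tclass=unix_stream_socket\n'
    'Apr  1 23:48:01 kodaly kernel: audit(1175464081.100:150): avc:  denied  '
    '{ read } for  pid=4400 comm="example" name="example.conf" '
    'scontext=user_u:system_r:hald_t:s0 tcontext=system_u:object_r:etc_t:s0 '
    'tclass=file\n'
)

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*([^}]*?)\s*\}\s+for\s+(.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
# Assumption: classes whose target context is the label of a running process.
PROCESS_CLASSES = {"process", "unix_stream_socket", "unix_dgram_socket"}

def context_type(context):
    """Return the type field of user:role:type[:level], or None."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else None

def parse_avc(line):
    """Parse one AVC denial into a dict; return None for other lines."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group(2))}
    rec["perms"] = m.group(1).split()
    rec["stype"] = context_type(rec.get("scontext", ""))
    rec["ttype"] = context_type(rec.get("tcontext", ""))
    return rec

def untransitioned_targets(log):
    """Denials whose target is a process still labelled initrc_t."""
    hits = []
    for line in log.splitlines():
        rec = parse_avc(line)
        if rec and rec["ttype"] == "initrc_t" and rec.get("tclass") in PROCESS_CLASSES:
            hits.append(rec)
    return hits

if __name__ == "__main__":
    for r in untransitioned_targets(SAMPLE_LOG):
        print(f'{r["comm"]} ({r["stype"]}) denied {r["perms"]} on {r["name"]}: '
              "peer runs as initrc_t; check its label and transition booleans")
```

A hit means the daemon on the other end of the socket was started from an init script without entering its own domain, which is the case to follow up with ps -eZ and getsebool -a as in comments 1 and 4.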

