Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 454358 - selinux denials to pppd when using Network Manager
Summary: selinux denials to pppd when using Network Manager
Status: CLOSED DUPLICATE of bug 249152
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 9
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2008-07-07 22:48 UTC by Brian G. Anderson
Modified: 2008-09-02 11:52 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2008-09-02 11:52:25 UTC

Attachments (Terms of Use)
AVC messages about pppd denials (deleted)
2008-07-07 22:51 UTC, Brian G. Anderson
no flags Details

Description Brian G. Anderson 2008-07-07 22:48:29 UTC
Description of problem:
I have network manager (NM) setup to use my bluetooth phone as a mobile
broadband modem.  When I initiate a connection I get selinux failures about pppd
not be allowed to access "/var/run/pppd2.tdb".

I can sucessfully connect if I disable selinux or a I make a custom policy
(which is what I did).  I'll attach the avc messages I got in the log and that I
used to make my local policy

Version-Release number of selected component (if applicable):

How reproducible:
Every time

Steps to Reproduce:
1. Setup a broadband connection needing ppp.
2. Try and connect using nm-applet
Actual results:
Connection fails and setroubleshooter emits failure warnings

Expected results:
Successful connection

Additional info:

Comment 1 Brian G. Anderson 2008-07-07 22:51:33 UTC
Created attachment 311209 [details]
AVC messages about pppd denials

Comment 2 Jiri Skala 2008-08-20 13:50:57 UTC
I tested following commands to allow this and it works at me:

# audit2allow -M mypol -l -i /var/log/audit/audit.log
# semodule -i mypol.pp

This issue should fix new release of selinux-policy.

Comment 3 Jiri Skala 2008-09-02 11:52:25 UTC
I tested it with selinux-policy-3.3.1-87.fc9.noarch and it works fine.

*** This bug has been marked as a duplicate of bug 249152 ***

Note You need to log in before you can comment on or make changes to this bug.