I have ACPI scripts that are supposed to run when Fn-Fx is pressed (for
various values of x). The scripts run fine when invoked from a shell,
but they fail when invoked by keypress. For example,
/etc/acpi/actions/Fn-F3.sh contains:
#!/bin/sh
if [ -f /var/tmp/acpi-lightoff ]; then
/usr/sbin/radeontool light on
/bin/rm /var/tmp/acpi-lightoff
else
/usr/sbin/radeontool light off
/bin/touch /var/tmp/acpi-lightoff
fi
When invoked by keypress, I get the following audit messages, and no
action is taken (light stays on, no file touched). Should I be doing
something different or is there something in selinux-policy-targeted that
needs to be fixed?
TIA.
type=AVC msg=audit(1126826853.791:2631316): avc: denied { search } for
pid=4112 comm="Fn-F3.sh" name="tmp" dev=dm-0 ino=906756
scontext=root:system_r:apmd_t tcontext=system_u:object_r:tmp_t tclass=dir
type=SYSCALL msg=audit(1126826853.791:2631316): arch=40000003 syscall=195
success=no exit=-13 a0=88fcda0 a1=bfffb488 a2=960ff4 a3=88fce30 items=1
pid=4112 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="Fn-F3.sh" exe="/bin/bash"
type=CWD msg=audit(1126826853.791:2631316): cwd="/"
type=PATH msg=audit(1126826853.791:2631316): item=0
name="/var/tmp/acpi-lightoff" flags=1 inode=906756 dev=fd:00 mode=041777
ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1126826853.800:2631748): avc: denied { read } for
pid=4114 comm="lspci" name="pci.ids" dev=dm-0 ino=809685
scontext=root:system_r:apmd_t tcontext=system_u:object_r:usr_t tclass=file
type=SYSCALL msg=audit(1126826853.800:2631748): arch=40000003 syscall=5
success=no exit=-13 a0=8054e5c a1=0 a2=fbad8001 a3=0 items=1 pid=4114
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="lspci" exe="/sbin/lspci"
type=CWD msg=audit(1126826853.800:2631748): cwd="/"
type=PATH msg=audit(1126826853.800:2631748): item=0
name="/usr/share/hwdata/pci.ids" flags=101 inode=809685 dev=fd:00
mode=0100644 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1126826853.804:2631869): avc: denied { search } for
pid=4115 comm="touch" name="tmp" dev=dm-0 ino=906756
scontext=root:system_r:apmd_t tcontext=system_u:object_r:tmp_t tclass=dir
type=SYSCALL msg=audit(1126826853.804:2631869): arch=40000003 syscall=5
success=no exit=-13 a0=bfefbf71 a1=8941 a2=1b6 a3=8941 items=1 pid=4115
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="touch" exe="/bin/touch"
type=CWD msg=audit(1126826853.804:2631869): cwd="/"
type=PATH msg=audit(1126826853.804:2631869): item=0
name="/var/tmp/acpi-lightoff" flags=310 inode=906756 dev=fd:00
mode=041777 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1126826853.804:2631870): avc: denied { search } for
pid=4115 comm="touch" name="tmp" dev=dm-0 ino=906756
scontext=root:system_r:apmd_t tcontext=system_u:object_r:tmp_t tclass=dir
type=SYSCALL msg=audit(1126826853.804:2631870): arch=40000003 syscall=30
success=no exit=-13 a0=bfefbf71 a1=0 a2=804f8bc a3=bfefbf71 items=1
pid=4115 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="touch" exe="/bin/touch"
type=CWD msg=audit(1126826853.804:2631870): cwd="/"
type=PATH msg=audit(1126826853.804:2631870): item=0
name="/var/tmp/acpi-lightoff" flags=1 inode=906756 dev=fd:00 mode=041777
ouid=0 ogid=0 rdev=00:00
--
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
