Running latest rawhide, targeted/enforcing (selinux-policy-3.2.5-12.fc9).
Notice the following AVC in audit.log
type=AVC msg=audit(1200767626.005:18): avc: denied { read } for
pid=2725 comm="wpa_supplicant" path="inotify" dev=inotifyfs ino=1
scontext=system_u:system_r:NetworkManager_t:s0
tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir
type=SYSCALL msg=audit(1200767626.005:18): arch=40000003 syscall=11
success=yes exit=0 a0=8619fd8 a1=8619c78 a2=8619008 a3=de799c items=0
ppid=2724 pid=2725 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="wpa_supplicant"
exe="/usr/sbin/wpa_supplicant"
subj=system_u:system_r:NetworkManager_t:s0 key=(null)
type=ANOM_ABEND msg=audit(1200767646.778:19): auid=4294967295 uid=42
gid=42 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 pid=2742
comm="dbus-launch" sig=6
#============= NetworkManager_t ==============
allow NetworkManager_t inotifyfs_t:dir read;
Appears to be generated before gdm login; sort of looks like when
NetworkManager is started by init.
Not exactly sure where to BZ..... wpa_supplicant? NetworkManager? inotify?
tom
--
Tom London
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
