-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MikeC wrote: > Some days ago I was trying to run kismet on a system with F9 running > SElinux and kismet failed to start and complained about being unable > to write to the file ssid_map which was in the normal user main dir. > There was an AVC denial indicating that kismet was not permitted to access > that file. > > It was suggested that I make kismet look at /var/lib/kismet instead. > > Having tried again this evening and changed kismet.conf so that > %h/ was changed to /var/lib/kismet/ then kismet still fails to start and the > terminal window gives: > > Will attempt to put networkmanager to sleep... > Allowing clients to fetch WEP keys. > WARNING: Disabling GPS logging. > SSID cloak file did not exist, it will be created. > FATAL: Could not open SSID track file '/var/lib/kismet/ssid_map' for writing: > Permission denied > Sending termination request to channel control child 3538... > Waiting for channel control child 3538 to exit... > WARNING: Sometimes cards don't always come out of monitor mode > cleanly. If your card is not fully working, you may need to > restart or reconfigure it for normal operation. > Trying to wake networkmanager back up... > WARNING: Failed to connect to DBUS system, will not be able to control > networkmanager: Failed to connect to socket /var/run/dbus/system_bus_socket: > Permission denied > WARNING: Failed to send 'wake' command to networkmanager via DBUS, NM may still > be inactive.Kismet exiting. > Done. > > I checked the contexts: > [root@lapmike2 kismet]# ll -Zld /var/lib/kismet > drwxrwx--- 2 system_u:object_r:kismet_var_lib_t:s0 root kismet 4096 2008-11-18 > 20:59 /var/lib/kismet > [root@lapmike2 kismet]# ll -Z /var/lib/kismet > -rw-rw-rw- root root unconfined_u:object_r:kismet_var_lib_t:s0 ssid_map > > Any ideas how to fix this - in the above there is no AVC denial but I am > guessing that SElinux may still be involved? > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Looks like kismet is trying to dbus communicate with NetworkManager, I can add that. Some of the avc's that you submitted indicate that kismet is trying to load kernel modules, which is not something we want to add. > FATAL: Could not open SSID track file '/var/lib/kismet/ssid_map' for writing: Not sure what is causing this? Is this a regular file? Could you send me your configuration so I could try this out? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkkkE4YACgkQrlYvE4MpobNxCQCfbeTojME8BHRdWkTxetN31+Ct KrEAn0r+y5WJX7VXlUKFDB7UilmKjgG4 =61VX -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
