On 3-10-13 19:55:25 Jean-David Beyer wrote: > On 03/10/2013 06:57 PM, Garry T. Williams wrote: > > I recently started seeing this: > > > > SELinux is preventing /usr/sbin/apcupsd (deleted) from read access > > on the file LCK... > > > > See https://bugzilla.redhat.com/show_bug.cgi?id=917878 . > > > Any idea what OS you are using, version, etc.? Sorry. I mentioned that in the BZ, but not here. Fedora 18 apcupsd-3.14.10-7.fc18.x86_64 selinux-policy-3.11.1-82.fc18.noarch selinux-policy-targeted-3.11.1-82.fc18.noarch garry@vfr$ journalctl -b -p err|grep "SELinux is preventing" Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd (deleted) from read access on the file LCK... For complete SELinux messages. run sealert -l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd (deleted) from read access on the file LCK... For complete SELinux messages. run sealert -l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd (deleted) from read access on the file LCK... For complete SELinux messages. run sealert -l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f garry@vfr$ OK, I just did: $ sudo systemctl restart apcupsd.service and then toggled the mains to the UPS and the AVC is gone now. A look at my log: garry@vfr$ journalctl --since=2013-03-01|grep "yum"|grep selinux Mar 02 17:02:53 vfr yum[21797]: Updated: libselinux-2.1.12-7.1.fc18.x86_64 Mar 02 17:07:36 vfr yum[21797]: Updated: libselinux-python-2.1.12-7.1.fc18.x86_64 Mar 02 17:07:37 vfr yum[21797]: Updated: libselinux-utils-2.1.12-7.1.fc18.x86_64 Mar 04 06:24:54 vfr yum[5379]: Updated: selinux-policy-3.11.1-82.fc18.noarch Mar 04 06:26:20 vfr yum[5379]: Updated: selinux-policy-devel-3.11.1-82.fc18.noarch Mar 04 06:26:23 vfr yum[5379]: Updated: selinux-policy-doc-3.11.1-82.fc18.noarch Mar 04 06:26:59 vfr yum[5379]: Updated: selinux-policy-targeted-3.11.1-82.fc18.noarch garry@vfr$ shows the problem hit after the last targeted update. Hmmm. I manually removed the LCK.. file and then bounced the server after opening the bug. My shell history shows this: sudo rm /run/lock/LCK.. with a time stamp of Mon Mar 4 21:15:55 2013, which is after I filed the bug. I did this and after a minor power glitch, the logs didn't show that apcupsd reported the power failure. (There were about 50(!) brief power interruptions around that time.) I assumed that that meant the AVC was still there. That was wrong, apparently. I don't know how the LCK.. file got labeled wrong, but deleting it was apparently the fix. Sorry for the noise. I closed the BZ. -- Garry T. Williams -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
