Re: Policy issue: C7 and motion

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 2/26/19 9:55 PM, mark wrote:
>> Subject: Re: Policy issue: C7 and motion
>> Date: Tue, 26 Feb 2019 09:31:18 +0100
>> From: Lukas Vrabec <lvrabec@xxxxxxxxxx>
>> Organization: Red Hat, Inc.
>> To: selinux@xxxxxxxxxxxxxxxxxxxxxxx
>>
>> On 2/25/19 7:20 PM, mark wrote:
>>
>>> Not sure who's package let an error slip in, but I don't believe I've
>>> had this issue before: SELinux is preventing /usr/bin/motion from map
>>> access on the chr_file /dev/video1
>>>
>>> Yes, that should be allowed by default.
>>
>> Yes, it should be allowed by default, but do you have raw AVCs related
>> to this issue?
>>
> type=AVC msg=audit(1551118810.099:136938): avc:  denied  { map } for 
> pid=5076 comm="motion" path="/dev/video1" dev="devtmpfs" ino=27287
> scontext=system_u:system_r:motion_t:s0
> tcontext=system_u:object_r:v4l_device_t:s0 tclass=chr_file permissive=1
> 
> Does that help?
> 

Hi,

Yes it helped. What version of Fedora are you using? I fixed this issue
here:
https://github.com/fedora-selinux/selinux-policy-contrib/commit/0b295220e86c4b154d4d969e2a5b0dc1607ebbb9

It should be fixed in Fedora28+

Thanks,
Lukas.

>       mark
> _______________________________________________
> selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx
> 


-- 
Lukas Vrabec
Software Engineer, Security Technologies
Red Hat, Inc.

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux