Re: Anyone else seeing hal problems with selinux-targetted?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 4/29/05, Jeff Spaleta <jspaleta@xxxxxxxxx> wrote:
> I have a fully synced rawhide box.
> hal-0.5.1-1
> selinux-policy-targeted-1.23.13-4
> 
> with selinux set to enforcing mode hal doesn't seem to be operating
> correctly and I am getting
> this avc message at bootup.
> 
> kernel: audit(1114815383.993:0): avc:  denied  { connectto } for
> path=@           /tmp/hald-local/dbus-gcCZNOvxOB
> scontext=system_u:system_r:hald_t tcontext=system_u:system_r:hald_t
> tclass=unix_stream_socket
> 
> I have run the fixfiles relabel command but I am still getting the avc
> generated at hal service start up.  Anyeone else seeing something
> similar?   Once I reboot with selinux in permissive mode, hal operates
> as i expect.  My selinux-fu is still poor, so any pointers on how to
> diagnose this more would be appreciated.
> 
> -jef

Yeah, reported this to fedora-selinux list.

Adding
allow hald_t self:unix_stream_socket connectto;
to the policy will fix this.

Guessing it will be in the next policy update.

tom

-- 
Tom London


[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]