SELinux and Palm devices (with avc messages)

Dax Kelson dax at gurulabs.com
Tue Apr 20 07:40:08 UTC 2004


This has been on my ToDo list for a while, here goes.

I have a Treo 600 (finally, a converged device done right) Palm OS 5.2
pda, cell phone, OGG/MP3/WMA player, mobile email, and mobile ssh
client.

When I plug it in, it shows up at /dev/usb/ttyUSB1

Many of the binaries from the pilot-link package want to read and write
to that character device file. For sure the pilot-xfer utility.

For example,

audit(1082445673.351:0): avc:  denied  { read write } for  pid=3647 exe=/usr/bin/pilot-xfer name=ttyUSB1 dev=hda8 ino=1210304 scontext=user_u:user_r:user_t tcontext=system_u:object_r:tty_device_t tclass=chr_file

Additionally, I need to sync Evolution's calendar and address book with
my Treo. Evolution uses gnome-pilot and its gpilotd daemon to
communicate with Palm devices.

Currently this results in failure with the following avc message:

audit(1082445978.961:0): avc:  denied  { read write } for  pid=3735 exe=/usr/libexec/gpilotd name=ttyUSB1 dev=hda8 ino=1210304 scontext=user_u:user_r:user_t tcontext=system_u:object_r:tty_device_t tclass=chr_file

Dax Kelson
Guru Labs
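
Added example, not part of the original post: a small Python parser that reads the two avc denials quoted above, groups them by source type, target type and object class, and prints the type-enforcement rule each group corresponds to. The function names are hypothetical, and the parser assumes the three-field user:role:type context format shown in the message.

```python
import re
from collections import defaultdict

# The two denials quoted in the post, copied verbatim.
SAMPLE = """\
audit(1082445673.351:0): avc:  denied  { read write } for  pid=3647 exe=/usr/bin/pilot-xfer name=ttyUSB1 dev=hda8 ino=1210304 scontext=user_u:user_r:user_t tcontext=system_u:object_r:tty_device_t tclass=chr_file
audit(1082445978.961:0): avc:  denied  { read write } for  pid=3735 exe=/usr/libexec/gpilotd name=ttyUSB1 dev=hda8 ino=1210304 scontext=user_u:user_r:user_t tcontext=system_u:object_r:tty_device_t tclass=chr_file
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<fields>.*)$")

def parse_avc(line):
    """Return a dict for one 'avc: denied' line, or None if it is not one."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {"perms": m.group("perms").split()}
    for tok in m.group("fields").split():
        key, sep, value = tok.partition("=")
        if sep:
            rec[key] = value
    # The access vector needs both contexts and the object class.
    if not all(k in rec for k in ("scontext", "tcontext", "tclass")):
        return None
    src, tgt = rec["scontext"].split(":"), rec["tcontext"].split(":")
    if len(src) < 3 or len(tgt) < 3:
        return None  # malformed context, skip rather than guess
    rec["stype"], rec["ttype"] = src[2], tgt[2]
    return rec

def summarize(text):
    """Map (source type, target type, class) -> denied perms and executables."""
    groups = defaultdict(lambda: {"perms": set(), "exes": set()})
    for line in text.splitlines():
        rec = parse_avc(line)
        if rec:
            g = groups[(rec["stype"], rec["ttype"], rec["tclass"])]
            g["perms"].update(rec["perms"])
            g["exes"].add(rec.get("exe", "?"))
    return dict(groups)

def candidate_rules(text):
    """Render each group as the allow rule that would permit it."""
    return [f"allow {s} {t}:{c} {{ {' '.join(sorted(g['perms']))} }};"
            for (s, t, c), g in sorted(summarize(text).items())]

if __name__ == "__main__":
    print("\n".join(candidate_rules(SAMPLE)))
```

Both denials collapse into one rule because pilot-xfer and gpilotd both run as user_t. That rule would cover every device node labeled tty_device_t, not only ttyUSB1.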




More information about the fedora-selinux-list mailing list