selinux blocks lircmd
Daniel J Walsh
dwalsh at redhat.com
Mon Nov 19 20:05:47 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
kwhiskerz wrote:
> SELinux is blocking the lircmd remote-controlled mouse from starting.
>
> I have lirc properly set up and am able to use it to control amarok, kaffeine
> &c when I start irkick, so I know that the remote is not defective and that
> the system is reading the signals sent.
>
> I use the lircm mouse to control programs remotely. I have the mouse defined
> in xorg.conf and it used to work perfectly in f7 (when I had, in frustration,
> disabled selinux).
>
> In f8, I insist on finally using selinux in the default enforcing mode. The
> problem with lircmd has been persisting since about f3 or f4 and since then,
> I have had to disable selinux to get it to work. After all of this time,
> there must be a way for linux software to co-exist with selinux?
>
> Xorg.0.log excerpt:
>
> (**) Option "Protocol" "IMPS/2"
> (**) LircMouse: Device: "/dev/lircm"
> (**) LircMouse: Protocol: "IMPS/2"
> (**) Option "SendCoreEvents"
> (**) LircMouse: always reports core events
> (**) Option "Device" "/dev/lircm"
> (EE) xf86OpenSerial: Cannot open device /dev/lircm
> Permission denied.
> (EE) LircMouse: cannot open input device
> (EE) PreInit failed for input device "LircMouse"
> (II) UnloadModule: "mouse"
>
>>From the SELinux troubleshooter:
>
> SELinux is preventing /usr/bin/Xorg (xdm_xserver_t) "read write" to
> (device_t).
>
> Raw Audit Messages:
>
> avc: denied { read write } for comm=X dev=tmpfs egid=0 euid=0
> exe=/usr/bin/Xorg exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=lircm pid=2076
> scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 sgid=0
> subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 suid=0 tclass=fifo_file
> tcontext=system_u:object_r:device_t:s0 tty=tty7 uid=0
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
We do not have a mapping for the device. If you
chcon -t mouse_device_t /dev/lircm
It should work.
Did you ever report this as a bugzilla?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFHQeybrlYvE4MpobMRAiZgAKDWth9BJkEHGIL8OiNyYNHxSKDPFwCfTUGj
4y9Wq2gxhaMUZybrfykIVlo=
=mlxc
-----END PGP SIGNATURE-----
More information about the fedora-selinux-list
mailing list