selinux blocks lircmd

scorpion_9 orcanbahri at yahoo.com
Thu Nov 22 18:03:23 UTC 2007 



Daniel J Walsh wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> kwhiskerz wrote:
>> SELinux is blocking the lircmd remote-controlled mouse from starting.
>> 
>> I have lirc properly set up and am able to use it to control amarok,
>> kaffeine 
>> &c when I start irkick, so I know that the remote is not defective and
>> that 
>> the system is reading the signals sent.
>> 
>> I use the lircm mouse to control programs remotely. I have the mouse
>> defined 
>> in xorg.conf and it used to work perfectly in f7 (when I had, in
>> frustration, 
>> disabled selinux).
>> 
>> In f8, I insist on finally using selinux in the default enforcing mode.
>> The 
>> problem with lircmd has been persisting since about f3 or f4 and since
>> then, 
>> I have had to disable selinux to get it to work. After all of this time, 
>> there must be a way for linux software to co-exist with selinux?
>> 
>> Xorg.0.log excerpt:
>> 
>> (**) Option "Protocol" "IMPS/2"
>> (**) LircMouse: Device: "/dev/lircm"
>> (**) LircMouse: Protocol: "IMPS/2"
>> (**) Option "SendCoreEvents"
>> (**) LircMouse: always reports core events
>> (**) Option "Device" "/dev/lircm"
>> (EE) xf86OpenSerial: Cannot open device /dev/lircm
>> 	Permission denied.
>> (EE) LircMouse: cannot open input device
>> (EE) PreInit failed for input device "LircMouse"
>> (II) UnloadModule: "mouse"
>> 
>>>From the SELinux troubleshooter:
>> 
>> SELinux is preventing /usr/bin/Xorg (xdm_xserver_t) "read write" to 
>> (device_t).
>> 
>> Raw Audit Messages:
>> 
>> avc: denied { read write } for comm=X dev=tmpfs egid=0 euid=0 
>> exe=/usr/bin/Xorg exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=lircm
>> pid=2076 
>> scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 sgid=0 
>> subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 suid=0
>> tclass=fifo_file 
>> tcontext=system_u:object_r:device_t:s0 tty=tty7 uid=0
>> 
>> --
>> fedora-selinux-list mailing list
>> fedora-selinux-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> We do not have a mapping for the device.  If you
> 
> chcon -t mouse_device_t /dev/lircm
> 
> It should work.
> 
> Did you ever report this as a bugzilla?
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
> 
> iD8DBQFHQeybrlYvE4MpobMRAiZgAKDWth9BJkEHGIL8OiNyYNHxSKDPFwCfTUGj
> 4y9Wq2gxhaMUZybrfykIVlo=
> =mlxc
> -----END PGP SIGNATURE-----
> 
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> 
> 
Hi, I have the same problem and I tried what you said. It gives me:
[root at desitter ~]# chcon -t mouse_device_t /dev/lircm
chcon: failed to change context of /dev/lircm to
system_u:object_r:mouse_device_t:s0: Permission denied

I also tried the selinux-policy-3.0.8-58.fc8 rpm. Same error. I can't get
the /dev/lircm work with X.
-- 
View this message in context: http://www.nabble.com/selinux-blocks-lircmd-tf4827770.html#a13871620
Sent from the Fedora SELinux List mailing list archive at Nabble.com.

More information about the fedora-selinux-list mailing list