selinux and udev problems after updates including latest kernel

Claude Jones cjones at levitjames.com
Thu Nov 1 12:58:16 UTC 2007


 I got a flood of messages this morning after rebooting into the latest kernel 
2.6.23.1-10.fc7 #1 SMP  this morning. These had to with udev being denied 
whilst it was trying to do various things by Selinux:

**************************************************************************

Here's an example from SETroubleshooter:

Summary
    SELinux is preventing /sbin/udevd (udev_t) "relabelfrom" to scsi-
    SATA_WDC_WD5000YS-01_WD-WMANU1397503-part1 (device_t).

Detailed Description
    SELinux denied access requested by /sbin/udevd. It is not expected that 
this
    access is required by /sbin/udevd and this access may signal an intrusion
    attempt. It is also possible that the specific version or configuration of
    the application is causing it to require additional access.

Allowing Access
    Sometimes labeling problems can cause SELinux denials.  You could try to
    restore the default system file context for scsi-SATA_WDC_WD5000YS-01_WD-
    WMANU1397503-part1, restorecon -v scsi-SATA_WDC_WD5000YS-01_WD-
    WMANU1397503-part1 If this does not work, there is currently no automatic
    way to allow this access. Instead,  you can generate a local policy module
    to allow this access - see http://fedora.redhat.com/docs/selinux-faq-
    fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling
    SELinux protection is not recommended. Please file a
    http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package.

Additional Information        

Source Context                system_u:system_r:udev_t:SystemLow-SystemHigh
Target Context                system_u:object_r:device_t
Target Objects                scsi-SATA_WDC_WD5000YS-01_WD-WMANU1397503-part1 
[
                              lnk_file ]
Affected RPM Packages         udev-113-12.fc7 [application]
Policy RPM                    selinux-policy-2.6.4-48.fc7
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.catchall_file
Host Name                     tehogee1
Platform                      Linux tehogee1 2.6.22.9-91.fc7 #1 SMP Thu Sep 27
                              23:10:59 EDT 2007 i686 i686
Alert Count                   1
First Seen                    Thu 01 Nov 2007 08:25:05 AM EDT
Last Seen                     Thu 01 Nov 2007 08:25:05 AM EDT
Local ID                      21dae078-ca08-4ced-bf62-a09da895c7a4
Line Numbers                  

Raw Audit Messages            

avc: denied { relabelfrom } for comm="udevd" dev=tmpfs egid=0 euid=0
exe="/sbin/udevd" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="scsi-
SATA_WDC_WD5000YS-01_WD-WMANU1397503-part1" pid=24234
scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 sgid=0
subj=system_u:system_r:udev_t:s0-s0:c0.c1023 suid=0 tclass=lnk_file
tcontext=system_u:object_r:device_t:s0 tty=(none) uid=0

***************************************************************

Is anyone else seeing anything like this? I probably got over 50 of these! The 
machine is up, and seems to be running normally, though I haven't done much 
beyond composing this email.


-- 
Claude Jones
Brunswick, MD, USA




More information about the fedora-list mailing list