Selinux and bluetooth

Daniel J Walsh dwalsh at redhat.com
Mon Jul 11 13:06:13 UTC 2005


Paul Lacatus wrote:

> Eric Paris wrote:
>
>> What do you have in /var/log/audit/audit.log when you got the failure?
>>
>>  
>>
> I think that an interesting part of the log is the following. You can see 
> the "denied {read}". If you need some more information from the log 
> I can send you the complete log. It is only 90KB.
>
> PL.
>
>
>
> type=PATH msg=audit(1120937471.981:9226823): item=0 name="/etc/bluetooth/hcid.conf" inode=69410 dev=03:05 mode=0100644 ouid=0 ogid=0 rdev=00:00
> type=SYSCALL msg=audit(1120937471.981:9226823): arch=40000003 syscall=5 success=no exit=-13 a0=5a4211 a1=0 a2=1b6 a3=9bd1130 items=1 pid=11886 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hcid" exe="/usr/sbin/hcid"
> type=PATH msg=audit(1120937471.994:9227122): item=0 name="/etc/bluetooth/pin" inode=69411 dev=03:05 mode=0100600 ouid=0 ogid=0 rdev=00:00
> type=SYSCALL msg=audit(1120937471.994:9227122): arch=40000003 syscall=5 success=no exit=-13 a0=9bd1018 a1=0 a2=1b6 a3=9bd2e60 items=1 pid=11886 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hcid" exe="/usr/sbin/hcid"
> type=AVC msg=audit(1120937471.994:9227122): avc:  denied  { read } for  pid=11886 comm="hcid" name=pin dev=hda5 ino=69411 scontext=root:system_r:bluetooth_t tcontext=root:object_r:etc_t tclass=file
> type=AVC msg=audit(1120937471.981:9226823): avc:  denied  { read } for  pid=11886 comm="hcid" name=hcid.conf dev=hda5 ino=69410 scontext=root:system_r:bluetooth_t tcontext=root:object_r:etc_t tclass=file
> type=PATH msg=audit(1120937472.107:9227750): item=0 name="/etc/bluetooth/rfcomm.conf" inode=69413 dev=03:05 mode=0100644 ouid=0 ogid=0 rdev=00:00
> type=SYSCALL msg=audit(1120937472.107:9227750): arch=40000003 syscall=5 success=no exit=-13 a0=bfd26655 a1=0 a2=1b6 a3=8ad9008 items=1 pid=11893 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="rfcomm" exe="/usr/bin/rfcomm"
> type=AVC msg=audit(1120937472.107:9227750): avc:  denied  { read } for  pid=11893 comm="rfcomm" name=rfcomm.conf dev=hda5 ino=69413 scontext=root:system_r:bluetooth_t tcontext=root:object_r:etc_t tclass=file
> type=AVC_PATH msg=audit(1120938151.449:14857979):  path="socket:[76227]"
> type=SYSCALL msg=audit(1120938151.449:14857979): arch=40000003 syscall=3 success=no exit=-13 a0=4 a1=bfc2ecc8 a2=404 a3=404 items=0 pid=11886 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hcid" exe="/usr/sbin/hcid"
> type=AVC msg=audit(1120938151.449:14857979): avc:  denied  { read } for  pid=11886 comm="hcid" name=[76227] dev=sockfs ino=76227 scontext=root:system_r:bluetooth_t tcontext=root:system_r:bluetooth_t tclass=socket

First off, you need to relabel your etc directory:

restorecon -R -v /etc

Also what version of policy are you running?

rpm -q selinux-policy-targeted



-- 
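Added example (not part of the original thread): a small Python triage script that groups audit records by event id (the timestamp:serial inside msg=audit(...)), so that each AVC denial is paired with the full path from the PATH or AVC_PATH record of the same event. The sample input is taken from the log quoted above, re-joined to one record per line; the function names are this example's own.

```python
import re
from collections import defaultdict

# Records from the log quoted above, re-joined to one record per line
# (the e-mail wrapped them mid-token); SYSCALL records left out for brevity.
SAMPLE = """\
type=PATH msg=audit(1120937471.981:9226823): item=0 name="/etc/bluetooth/hcid.conf" inode=69410 dev=03:05 mode=0100644 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1120937471.994:9227122): item=0 name="/etc/bluetooth/pin" inode=69411 dev=03:05 mode=0100600 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1120937471.994:9227122): avc:  denied  { read } for  pid=11886 comm="hcid" name=pin dev=hda5 ino=69411 scontext=root:system_r:bluetooth_t tcontext=root:object_r:etc_t tclass=file
type=AVC msg=audit(1120937471.981:9226823): avc:  denied  { read } for  pid=11886 comm="hcid" name=hcid.conf dev=hda5 ino=69410 scontext=root:system_r:bluetooth_t tcontext=root:object_r:etc_t tclass=file
type=AVC_PATH msg=audit(1120938151.449:14857979):  path="socket:[76227]"
type=AVC msg=audit(1120938151.449:14857979): avc:  denied  { read } for  pid=11886 comm="hcid" name=[76227] dev=sockfs ino=76227 scontext=root:system_r:bluetooth_t tcontext=root:system_r:bluetooth_t tclass=socket
"""

RECORD = re.compile(r"^type=(\w+) msg=audit\(([\d.]+:\d+)\):\s*(.*)$")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def group_events(text):
    """Group records by audit event id; records of one event need not be adjacent."""
    events = defaultdict(lambda: defaultdict(list))
    for line in text.splitlines():
        m = RECORD.match(line.strip())
        if m:
            rtype, event_id, body = m.groups()
            fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
            # Permission set between braces, e.g. "{ read }" -> ["read"]
            fields["perms"] = " ".join(re.findall(r"\{([^}]*)\}", body)).split()
            events[event_id][rtype].append(fields)
    return events

def denials(text):
    """One dict per AVC denial, with the path from the same event's PATH/AVC_PATH record."""
    out = []
    for event_id, recs in group_events(text).items():
        paths = [p.get("name") or p.get("path") for p in recs["PATH"] + recs["AVC_PATH"]]
        for avc in recs["AVC"]:
            out.append({
                "event": event_id,
                "comm": avc["comm"],
                "perms": avc["perms"],
                "path": paths[0] if paths else avc["name"],  # AVC alone has only the last component
                "source_type": avc["scontext"].split(":")[2],
                "target_type": avc["tcontext"].split(":")[2],
                "tclass": avc["tclass"],
            })
    return out

if __name__ == "__main__":
    for d in denials(SAMPLE):
        print(f'{d["comm"]}: {d["source_type"]} -> {d["target_type"]}:{d["tclass"]} {d["perms"]} {d["path"]}')
```

On this sample the two file denials resolve to paths under /etc/bluetooth with target type etc_t, which are the files the `restorecon -R -v /etc` suggested above would relabel; the socket denial has bluetooth_t as both source and target and is not a file-labeling issue.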




