acpid

Matthew Saltzman mjs at ces.clemson.edu
Thu Sep 15 23:33:43 UTC 2005 

I have ACPI scripts that are supposed to run when Fn-Fx is pressed (for 
various values of x).  The scripts run fine when invoked from a shell, 
but they fail when invoked by keypress.  For example, 
/etc/acpi/actions/Fn-F3.sh contains:

 	#!/bin/sh

 	if [ -f /var/tmp/acpi-lightoff ]; then
 	  /usr/sbin/radeontool light on
 	  /bin/rm /var/tmp/acpi-lightoff
 	else
 	  /usr/sbin/radeontool light off
 	  /bin/touch /var/tmp/acpi-lightoff
 	fi

When invoked by keypress, I get the following audit messages, and no 
action is taken (light stays on, no file touched).  Should I be doing 
something different or is there something in selinux-policy-targeted that 
needs to be fixed?

TIA.

type=AVC msg=audit(1126826853.791:2631316): avc:  denied  { search } for 
pid=4112 comm="Fn-F3.sh" name="tmp" dev=dm-0 ino=906756 
scontext=root:system_r:apmd_t tcontext=system_u:object_r:tmp_t tclass=dir
type=SYSCALL msg=audit(1126826853.791:2631316): arch=40000003 syscall=195 
success=no exit=-13 a0=88fcda0 a1=bfffb488 a2=960ff4 a3=88fce30 items=1 
pid=4112 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 comm="Fn-F3.sh" exe="/bin/bash"
type=CWD msg=audit(1126826853.791:2631316):  cwd="/"
type=PATH msg=audit(1126826853.791:2631316): item=0 
name="/var/tmp/acpi-lightoff" flags=1  inode=906756 dev=fd:00 mode=041777 
ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1126826853.800:2631748): avc:  denied  { read } for 
pid=4114 comm="lspci" name="pci.ids" dev=dm-0 ino=809685 
scontext=root:system_r:apmd_t tcontext=system_u:object_r:usr_t tclass=file
type=SYSCALL msg=audit(1126826853.800:2631748): arch=40000003 syscall=5 
success=no exit=-13 a0=8054e5c a1=0 a2=fbad8001 a3=0 items=1 pid=4114 
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 
comm="lspci" exe="/sbin/lspci"
type=CWD msg=audit(1126826853.800:2631748):  cwd="/"
type=PATH msg=audit(1126826853.800:2631748): item=0 
name="/usr/share/hwdata/pci.ids" flags=101  inode=809685 dev=fd:00 
mode=0100644 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1126826853.804:2631869): avc:  denied  { search } for 
pid=4115 comm="touch" name="tmp" dev=dm-0 ino=906756 
scontext=root:system_r:apmd_t tcontext=system_u:object_r:tmp_t tclass=dir
type=SYSCALL msg=audit(1126826853.804:2631869): arch=40000003 syscall=5 
success=no exit=-13 a0=bfefbf71 a1=8941 a2=1b6 a3=8941 items=1 pid=4115 
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 
comm="touch" exe="/bin/touch"
type=CWD msg=audit(1126826853.804:2631869):  cwd="/"
type=PATH msg=audit(1126826853.804:2631869): item=0 
name="/var/tmp/acpi-lightoff" flags=310  inode=906756 dev=fd:00 
mode=041777 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1126826853.804:2631870): avc:  denied  { search } for 
pid=4115 comm="touch" name="tmp" dev=dm-0 ino=906756 
scontext=root:system_r:apmd_t tcontext=system_u:object_r:tmp_t tclass=dir
type=SYSCALL msg=audit(1126826853.804:2631870): arch=40000003 syscall=30 
success=no exit=-13 a0=bfefbf71 a1=0 a2=804f8bc a3=bfefbf71 items=1 
pid=4115 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 comm="touch" exe="/bin/touch"
type=CWD msg=audit(1126826853.804:2631870):  cwd="/"
type=PATH msg=audit(1126826853.804:2631870): item=0 
name="/var/tmp/acpi-lightoff" flags=1  inode=906756 dev=fd:00 mode=041777 
ouid=0 ogid=0 rdev=00:00



-- 
 		Matthew Saltzman

Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs

More information about the fedora-selinux-list mailing list