selinux blocks lircmd

Daniel J Walsh dwalsh at redhat.com
Mon Nov 19 20:08:17 UTC 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Daniel J Walsh wrote:
> kwhiskerz wrote:
>> SELinux is blocking the lircmd remote-controlled mouse from starting.
> 
>> I have lirc properly set up and am able to use it to control amarok, kaffeine 
>> &c when I start irkick, so I know that the remote is not defective and that 
>> the system is reading the signals sent.
> 
>> I use the lircm mouse to control programs remotely. I have the mouse defined 
>> in xorg.conf and it used to work perfectly in f7 (when I had, in frustration, 
>> disabled selinux).
> 
>> In f8, I insist on finally using selinux in the default enforcing mode. The 
>> problem with lircmd has been persisting since about f3 or f4 and since then, 
>> I have had to disable selinux to get it to work. After all of this time, 
>> there must be a way for linux software to co-exist with selinux?
> 
>> Xorg.0.log excerpt:
> 
>> (**) Option "Protocol" "IMPS/2"
>> (**) LircMouse: Device: "/dev/lircm"
>> (**) LircMouse: Protocol: "IMPS/2"
>> (**) Option "SendCoreEvents"
>> (**) LircMouse: always reports core events
>> (**) Option "Device" "/dev/lircm"
>> (EE) xf86OpenSerial: Cannot open device /dev/lircm
>> 	Permission denied.
>> (EE) LircMouse: cannot open input device
>> (EE) PreInit failed for input device "LircMouse"
>> (II) UnloadModule: "mouse"
> 
>> >From the SELinux troubleshooter:
> 
>> SELinux is preventing /usr/bin/Xorg (xdm_xserver_t) "read write" to 
>> (device_t).
> 
>> Raw Audit Messages:
> 
>> avc: denied { read write } for comm=X dev=tmpfs egid=0 euid=0 
>> exe=/usr/bin/Xorg exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=lircm pid=2076 
>> scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 sgid=0 
>> subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 suid=0 tclass=fifo_file 
>> tcontext=system_u:object_r:device_t:s0 tty=tty7 uid=0
> 
>> --
>> fedora-selinux-list mailing list
>> fedora-selinux-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> We do not have a mapping for the device.  If you
> 
> chcon -t mouse_device_t /dev/lircm
> 
> It should work.
> 
> Did you ever report this as a bugzilla?

- --
fedora-selinux-list mailing list
fedora-selinux-list at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

Fixed in selinux-policy-3.0.8-58.fc8

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFHQe0xrlYvE4MpobMRArSaAKDdZL9f29tmmGyKx1kVrBmAjph35wCfTa75
OMWsJaXP+4k7ae3fEIgH0Hg=
=e6u0
-----END PGP SIGNATURE-----




More information about the fedora-selinux-list mailing list