gpsd on F11-64
Miroslav Grepl
mgrepl at redhat.com
Fri Jun 19 07:55:11 UTC 2009
rick wrote:
>
>
> I have a shiny new F11 install and am getting the following in the
> syslog:
>
>
> Jun 18 15:41:16 calvin setroubleshoot: SELinux prevented gpsd from
> using the terminal 0. For complete SELinux messages. run sealert -l
> d33b557f-d1a4-4bde-add4-93b93ce91cc6
>
>
>
>
> Fedora seems to be gpsd-challenged but the alert suggests trying
> restorecon which does not seem to do anything...
>
>
>
> Summary:
>
> SELinux is preventing gpsd (gpsd_t) "write" to run (var_run_t).
>
>
>
> and fyi:
>
>
>
> # ls -Z gpsd
> -rwxr-xr-x. root root system_u:object_r:gpsd_exec_t:s0 gpsd
>
>
>
> ...so does this warrant a bug report on the policy or is it possible
> to change the context of the daemon's file so that it will work?
>
> fyi, the audit msg is below and the gpsd init script looks for the
> file in the wrong place, so perhaps the policy expects it to be in
> /usr/bin instead of usr/sbin also...
>
>
>
>
Ok, how you mentioned above, the gpsd has the init script now, but we
don't have a policy for that. Then this is a bug in the policy.
Regards,
Miroslav
>
>
>
>
> any help appreciated,
>
>
>
> rick
>
>
>
>
>
>
>
> ------------
>
> Raw Audit Messages
>
> node=calvin.rikm.net type=AVC msg=audit(1245353432.700:34699): avc:
> denied { write } for pid=12148 comm="gpsd" name="run" dev=sda7
> ino=1654 scontext=unconfined_u:unconfined_r:gpsd_t:s0-s0:c0.c1023
> tcontext=system_u:object_r:var_run_t:s0 tclass=dir
>
> node=calvin.rikm.net type=SYSCALL msg=audit(1245353432.700:34699):
> arch=c000003e syscall=49 success=no exit=-13 a0=3 a1=7fffd13b8d40
> a2=6e a3=3db7168fcc items=0 ppid=12147 pid=12148 auid=500 uid=0 gid=0
> euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1
> comm="gpsd" exe="/usr/sbin/gpsd"
> subj=unconfined_u:unconfined_r:gpsd_t:s0-s0:c0.c1023 key=(null)
>
> -------------
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
More information about the fedora-selinux-list
mailing list