readahead / audit /selinux problem

Jiri Cerny jiri.cerny at epfl.ch
Tue Mar 13 07:28:32 UTC 2007 

I had the same problem. The problem is that the last week update of udev
dropped udev-084-floppy.patch, for some reason. Now, on every boot udev
creates a lot of /dev/fd0XXXX files with 000 permissions and with selinux
label default_t. There is patch in the upstream udev that I tried to apply and
it corrects the permissions but not the selinux label -- see
http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=5b7363c0642c2c513b7ebd58bd0cbbcbea355fdf;hp=684e935fafdf75c57f1cfd6b91666353270bce8d

Maybe, it is worth to remark that my laptop is floppy-less.

Jiri



On Mon, Mar 12, 2007 at 03:09:43PM -0700, oldman wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Seems to me I'm having a good share of the problems this week, the latest:
> after booting and logging in I noticed a horrendous slowdown my mouse
> was crawling etc. Firing up top, I found that the culprit was audispd,
> which digging around I found was part of the whole Audit thing.
> Further along I found pages! of audit errors in my dmesg such as:
> 
> audit(1173729877.970:8960): avc:  denied  { getattr } for  pid=1537
> comm="readahead" name="fd0u1680" dev=tmpfs ino=6170
> scontext=system_u:system_r:readahead_t:s0
> tcontext=system_u:object_r:default_t:s0 tclass=blk_file
> audit(1173729877.970:8961): avc:  denied  { getattr } for  pid=1537
> comm="readahead" name="fd0u1440" dev=tmpfs ino=6169
> scontext=system_u:system_r:readahead_t:s0
> tcontext=system_u:object_r:default_t:s0 tclass=blk_file
> 
> These are but the last two, but as I said pages! and all have the
> comm=readahead, all have the various fd0XXXX which I know to be the
> 3.5" floppy in the various sizes of discs that may be used in them
> (pretty darn sure of that anyway)
> 
> 
> Additionally, and likely caused by the same problem, the
> setroubleshooter refuses to open, just sits there saying "loading
> files" forever....
> 
> The audispd and audit error messages are avoided by setting selinux=0
> in the kernel line, so I assume this was caused by the last security
> policy update.  Did anyone else see this?
> 
> Scott
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
> 
> iD8DBQFF9c+m5mBKdb7VQEcRAuSXAKCulC+IDjEkFXedk9BuJMtCI8kX2ACgmPFi
> f7fVupRz9Qch65g+orQjVcA=
> =B2py
> -----END PGP SIGNATURE-----
> 
> -- 
> fedora-test-list mailing list
> fedora-test-list at redhat.com
> To unsubscribe: 
> https://www.redhat.com/mailman/listinfo/fedora-test-list

-- 
Jiří Černý
École Polytechnique Fédérale de Lausanne (EPFL)
Chair of Stochastic modeling (CMOS)
INR 031 - Station 14
CH-1015 Lausanne
 
phone:      ++41-21-693 7534
fax:        ++41-21-693 7545
e-mail:     jiri.cerny at epfl.ch

More information about the fedora-test-list mailing list