networkmanager and selinux not playing nice in today's rawhide
Adam Williamson
awilliam at redhat.com
Thu Jul 30 05:15:47 UTC 2009
If I leave selinux in enforcing mode, it racks up alerts from
NetworkManager like nobody's business - sealertd runs one of my cores to
100%, NetworkManager runs another up to 50% or so, and I can watch the
alert counter for the error tick over like America's national debt
clock. And NM doesn't really work any more.
The headline error is:
SELinux is preventing NetworkManager (NetworkManager_t) "read" NetworkManager_t.
The raw audit message is:
node=adam.local.net type=AVC msg=audit(1248930261.799:44508): avc: denied { read } for pid=10775 comm="NetworkManager" scontext=unconfined_u:system_r:NetworkManager_t:s0 tcontext=unconfined_u:system_r:NetworkManager_t:s0 tclass=netlink_kobject_uevent_socket
node=adam.local.net type=SYSCALL msg=audit(1248930261.799:44508): arch=c000003e syscall=47 success=no exit=-13 a0=a a1=7fff11ecc430 a2=0 a3=1 items=0 ppid=1 pid=10775 auid=501 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="NetworkManager" exe="/usr/sbin/NetworkManager" subj=unconfined_u:system_r:NetworkManager_t:s0 key=(null)
is anyone else seeing this? I checked for bug reports but couldn't find
any, so I thought I'd check if it's just me before reporting.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net
More information about the fedora-test-list
mailing list