[Pkg-utopia-maintainers] Bug#463989: Bug#463989: avahi-autoipd is restricted by SELinux

Michael Biebl biebl at debian.org
Sun Feb 10 08:03:46 UTC 2008 

Ritesh Raj Sarraf wrote:
> Package: avahi-autoipd
> Version: 0.6.22-2
> Severity: important
> 
> When using SELinux, avahi-autoipd doesn't work properly.
> 
> 
> type=AVC msg=audit(1201966657.793:107): avc:  denied  { execute } for  pid=6127 comm="avahi-autoipd" name="avahi-autoipd.action" dev=dm-2 ino=2836441 sconte
> xt=system_u:system_r:dhcpc_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=file
>         Was caused by:
>                 Unknown - would be allowed by specified policy
>                 Possible mismatch between this policy and the one under which the audit message was generated.
>                 Possible mismatch between current in-memory boolean settings vs. permanent ones.
> 
> type=AVC msg=audit(1201966657.793:108): avc:  denied  { execute_no_trans } for  pid=6127 comm="avahi-autoipd" path="/etc/avahi/avahi-autoipd.action" dev=dm-
> 2 ino=2836441 scontext=system_u:system_r:dhcpc_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=file
>         Was caused by:
>                 Unknown - would be allowed by specified policy
>                 Possible mismatch between this policy and the one under which the audit message was generated.
>                 Possible mismatch between current in-memory boolean settings vs. permanent ones.
> 
> type=AVC msg=audit(1201966657.801:109): avc:  denied  { read } for  pid=6127 comm="avahi-autoipd.a" name="ip" dev=dm-2 ino=3850259 scontext=system_u:system_
> r:dhcpc_t:s0-s0:c0.c1023 tcontext=system_u:object_r:ifconfig_exec_t:s0 tclass=lnk_file
>         Was caused by:
>                 Unknown - would be allowed by specified policy
>                 Possible mismatch between this policy and the one under which the audit message was generated.
>                 Possible mismatch between current in-memory boolean settings vs. permanent ones.
> 
> Ritesh

Hi Ritesh,

could you please re-test with the latest selinux package Manoj uploaded
to unstable. If you still haveAVC denials, please reassign the bug to
the refpolicy you are using selinux-policy-refpolicy-*

Thanks,
Michael

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20080210/cad7d5a8/attachment.pgp

More information about the Pkg-utopia-maintainers mailing list