Re: fc-5 and selinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Le mardi 21 mars 2006 à 14:28 -0500, Daniel J Walsh a écrit :
> Tanguy Eric wrote:
> > I think it's a selinux problem :
> > i can't use my usb scanner unless i'm root
> > i can't mount cdrom and ext3 usb partition unless i'm root
> >
> > How can i use this in simple user ?
> > Eric
> >
> >
> >   
> Are you seeing AVC messages in /var/log/messages? /var/log/audit/audit.log?
> 
> You can see if it is SELinux causing the problems by executing 
> setenforce 0 as root, and then see if the devices work correctly.
> 
> Dan
> 
When i plug my usb scanneri found this in dmesg :
usb 3-2: new high speed USB device using ehci_hcd and address 8
usb 3-2: configuration #1 chosen from 1 choice
audit(1143014471.120:170): avc:  denied  { getattr } for  pid=2699
comm="pam_console_app" name="008" dev=tmpfs ino=20684
scontext=system_u:system_r:pam_console_t:s0-s0:c0.c255
tcontext=system_u:object_r:usb_device_t:s0 tclass=chr_file

as user : scanimage -L
device `v4l:/dev/video1' is a Noname Creative NX virtual device
device `v4l:/dev/video0' is a Noname BT878 video (Pinnacle PCTV Stud
virtual device

sudo scanimage -L
Password:
device `v4l:/dev/video1' is a Noname Creative NX virtual device
device `v4l:/dev/video0' is a Noname BT878 video (Pinnacle PCTV Stud
virtual device
device `snapscan:libusb:003:008' is a EPSON EPSON Scanner flatbed
scanner

if i plug a usb disk containing a usb fat32 partition and a ext3
partition :

i can see in dmesg : 
Initializing USB Mass Storage driver...
scsi0 : SCSI emulation for USB Mass Storage devices
usb-storage: device found at 9
usb-storage: waiting for device to settle before scanning
usbcore: registered new driver usb-storage
USB Mass Storage support registered.
  Vendor: HDS72258  Model: 0VLAT20           Rev: V32O
  Type:   Direct-Access                      ANSI SCSI revision: 00
SCSI device sda: 160836480 512-byte hdwr sectors (82348 MB)
sda: Write Protect is off
sda: Mode Sense: 03 00 00 00
sda: assuming drive cache: write through
SCSI device sda: 160836480 512-byte hdwr sectors (82348 MB)
sda: Write Protect is off
sda: Mode Sense: 03 00 00 00
sda: assuming drive cache: write through
 sda: sda1 sda2
sd 0:0:0:0: Attached scsi disk sda
usb-storage: device scan complete
sd 0:0:0:0: Attached scsi generic sg0 type 0
audit(1143014745.045:172): avc:  denied  { getattr } for  pid=2826
comm="pam_console_app" name="008" dev=tmpfs ino=20684
scontext=system_u:system_r:pam_console_t:s0-s0:c0.c255
tcontext=system_u:object_r:usb_device_t:s0 tclass=chr_file
audit(1143014745.117:173): avc:  denied  { getattr } for  pid=2830
comm="pam_console_app" name="008" dev=tmpfs ino=20684
scontext=system_u:system_r:pam_console_t:s0-s0:c0.c255
tcontext=system_u:object_r:usb_device_t:s0 tclass=chr_file

as user in my desktop only the fat32 partition is mounted

if i plug my usb cd/dvd reader writer with the fc5 dvd in it .
I found in dmesg : 
usb 3-1: new high speed USB device using ehci_hcd and address 10
usb 3-1: configuration #1 chosen from 1 choice
scsi1 : SCSI emulation for USB Mass Storage devices
usb-storage: device found at 10
usb-storage: waiting for device to settle before scanning
audit(1143014878.670:179): avc:  denied  { getattr } for  pid=2913
comm="pam_console_app" name="008" dev=tmpfs ino=20684
scontext=system_u:system_r:pam_console_t:s0-s0:c0.c255
tcontext=system_u:object_r:usb_device_t:s0 tclass=chr_file
  Vendor: PLEXTOR   Model: DVDR   PX-708A    Rev: 1.09
  Type:   CD-ROM                             ANSI SCSI revision: 00
 1:0:0:0: Attached scsi generic sg1 type 5
usb-storage: device scan complete
sr0: scsi3-mmc drive: 40x/40x writer cd/rw xa/form2 cdda tray
sr 1:0:0:0: Attached scsi CD-ROM sr0
audit(1143014883.606:180): avc:  denied  { getattr } for  pid=2926
comm="pam_console_app" name="008" dev=tmpfs ino=20684
scontext=system_u:system_r:pam_console_t:s0-s0:c0.c255
tcontext=system_u:object_r:usb_device_t:s0 tclass=chr_file
audit(1143014883.682:181): avc:  denied  { getattr } for  pid=2951
comm="pam_console_app" name="008" dev=tmpfs ino=20684
scontext=system_u:system_r:pam_console_t:s0-s0:c0.c255
tcontext=system_u:object_r:usb_device_t:s0 tclass=chr_file
audit(1143014921.500:182): avc:  denied  { getattr } for  pid=2258
comm="hald" name="/" dev=sda2 ino=2 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:file_t:s0 tclass=dir
audit(1143014921.688:183): avc:  denied  { getattr } for  pid=2967
comm="hal-system-stor" name="/" dev=sda2 ino=2
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:file_t:s0 tclass=dir
audit(1143014921.688:184): avc:  denied  { getattr } for  pid=2967
comm="hal-system-stor" name="/" dev=sda2 ino=2
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:file_t:s0 tclass=dir
audit(1143014921.692:185): avc:  denied  { search } for  pid=2971
comm="touch" name="/" dev=sda2 ino=2
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:file_t:s0 tclass=dir
audit(1143014921.692:186): avc:  denied  { search } for  pid=2971
comm="touch" name="/" dev=sda2 ino=2
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:file_t:s0 tclass=dir
audit(1143014921.692:187): avc:  denied  { getattr } for  pid=2967
comm="hal-system-stor" name="/" dev=sda2 ino=2
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:file_t:s0 tclass=dir

and the dvd is not mounted.

Eric
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux