FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 11-19-2007, 07:05 PM
Daniel J Walsh
 
Default selinux blocks lircmd

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

kwhiskerz wrote:
> SELinux is blocking the lircmd remote-controlled mouse from starting.
>
> I have lirc properly set up and am able to use it to control amarok, kaffeine
> &c when I start irkick, so I know that the remote is not defective and that
> the system is reading the signals sent.
>
> I use the lircm mouse to control programs remotely. I have the mouse defined
> in xorg.conf and it used to work perfectly in f7 (when I had, in frustration,
> disabled selinux).
>
> In f8, I insist on finally using selinux in the default enforcing mode. The
> problem with lircmd has been persisting since about f3 or f4 and since then,
> I have had to disable selinux to get it to work. After all of this time,
> there must be a way for linux software to co-exist with selinux?
>
> Xorg.0.log excerpt:
>
> (**) Option "Protocol" "IMPS/2"
> (**) LircMouse: Device: "/dev/lircm"
> (**) LircMouse: Protocol: "IMPS/2"
> (**) Option "SendCoreEvents"
> (**) LircMouse: always reports core events
> (**) Option "Device" "/dev/lircm"
> (EE) xf86OpenSerial: Cannot open device /dev/lircm
> Permission denied.
> (EE) LircMouse: cannot open input device
> (EE) PreInit failed for input device "LircMouse"
> (II) UnloadModule: "mouse"
>
>>From the SELinux troubleshooter:
>
> SELinux is preventing /usr/bin/Xorg (xdm_xserver_t) "read write" to
> (device_t).
>
> Raw Audit Messages:
>
> avc: denied { read write } for comm=X dev=tmpfs egid=0 euid=0
> exe=/usr/bin/Xorg exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=lircm pid=2076
> scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 sgid=0
> subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 suid=0 tclass=fifo_file
> tcontext=system_ubject_r:device_t:s0 tty=tty7 uid=0
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
We do not have a mapping for the device. If you

chcon -t mouse_device_t /dev/lircm

It should work.

Did you ever report this as a bugzilla?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFHQeybrlYvE4MpobMRAiZgAKDWth9BJkEHGIL8OiNyYN HxSKDPFwCfTUGj
4y9Wq2gxhaMUZybrfykIVlo=
=mlxc
-----END PGP SIGNATURE-----

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 11-19-2007, 07:08 PM
Daniel J Walsh
 
Default selinux blocks lircmd

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Daniel J Walsh wrote:
> kwhiskerz wrote:
>> SELinux is blocking the lircmd remote-controlled mouse from starting.
>
>> I have lirc properly set up and am able to use it to control amarok, kaffeine
>> &c when I start irkick, so I know that the remote is not defective and that
>> the system is reading the signals sent.
>
>> I use the lircm mouse to control programs remotely. I have the mouse defined
>> in xorg.conf and it used to work perfectly in f7 (when I had, in frustration,
>> disabled selinux).
>
>> In f8, I insist on finally using selinux in the default enforcing mode. The
>> problem with lircmd has been persisting since about f3 or f4 and since then,
>> I have had to disable selinux to get it to work. After all of this time,
>> there must be a way for linux software to co-exist with selinux?
>
>> Xorg.0.log excerpt:
>
>> (**) Option "Protocol" "IMPS/2"
>> (**) LircMouse: Device: "/dev/lircm"
>> (**) LircMouse: Protocol: "IMPS/2"
>> (**) Option "SendCoreEvents"
>> (**) LircMouse: always reports core events
>> (**) Option "Device" "/dev/lircm"
>> (EE) xf86OpenSerial: Cannot open device /dev/lircm
>> Permission denied.
>> (EE) LircMouse: cannot open input device
>> (EE) PreInit failed for input device "LircMouse"
>> (II) UnloadModule: "mouse"
>
>> >From the SELinux troubleshooter:
>
>> SELinux is preventing /usr/bin/Xorg (xdm_xserver_t) "read write" to
>> (device_t).
>
>> Raw Audit Messages:
>
>> avc: denied { read write } for comm=X dev=tmpfs egid=0 euid=0
>> exe=/usr/bin/Xorg exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=lircm pid=2076
>> scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 sgid=0
>> subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 suid=0 tclass=fifo_file
>> tcontext=system_ubject_r:device_t:s0 tty=tty7 uid=0
>
>> --
>> fedora-selinux-list mailing list
>> fedora-selinux-list@redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> We do not have a mapping for the device. If you
>
> chcon -t mouse_device_t /dev/lircm
>
> It should work.
>
> Did you ever report this as a bugzilla?

- --
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

Fixed in selinux-policy-3.0.8-58.fc8

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFHQe0xrlYvE4MpobMRArSaAKDdZL9f29tmmGyKx1kVrB mAjph35wCfTa75
OMWsJaXP+4k7ae3fEIgH0Hg=
=e6u0
-----END PGP SIGNATURE-----

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 11-22-2007, 05:03 PM
scorpion_9
 
Default selinux blocks lircmd

Daniel J Walsh wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> kwhiskerz wrote:
>> SELinux is blocking the lircmd remote-controlled mouse from starting.
>>
>> I have lirc properly set up and am able to use it to control amarok,
>> kaffeine
>> &c when I start irkick, so I know that the remote is not defective and
>> that
>> the system is reading the signals sent.
>>
>> I use the lircm mouse to control programs remotely. I have the mouse
>> defined
>> in xorg.conf and it used to work perfectly in f7 (when I had, in
>> frustration,
>> disabled selinux).
>>
>> In f8, I insist on finally using selinux in the default enforcing mode.
>> The
>> problem with lircmd has been persisting since about f3 or f4 and since
>> then,
>> I have had to disable selinux to get it to work. After all of this time,
>> there must be a way for linux software to co-exist with selinux?
>>
>> Xorg.0.log excerpt:
>>
>> (**) Option "Protocol" "IMPS/2"
>> (**) LircMouse: Device: "/dev/lircm"
>> (**) LircMouse: Protocol: "IMPS/2"
>> (**) Option "SendCoreEvents"
>> (**) LircMouse: always reports core events
>> (**) Option "Device" "/dev/lircm"
>> (EE) xf86OpenSerial: Cannot open device /dev/lircm
>> Permission denied.
>> (EE) LircMouse: cannot open input device
>> (EE) PreInit failed for input device "LircMouse"
>> (II) UnloadModule: "mouse"
>>
>>>From the SELinux troubleshooter:
>>
>> SELinux is preventing /usr/bin/Xorg (xdm_xserver_t) "read write" to
>> (device_t).
>>
>> Raw Audit Messages:
>>
>> avc: denied { read write } for comm=X dev=tmpfs egid=0 euid=0
>> exe=/usr/bin/Xorg exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=lircm
>> pid=2076
>> scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 sgid=0
>> subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 suid=0
>> tclass=fifo_file
>> tcontext=system_ubject_r:device_t:s0 tty=tty7 uid=0
>>
>> --
>> fedora-selinux-list mailing list
>> fedora-selinux-list@redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> We do not have a mapping for the device. If you
>
> chcon -t mouse_device_t /dev/lircm
>
> It should work.
>
> Did you ever report this as a bugzilla?
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>
> iD8DBQFHQeybrlYvE4MpobMRAiZgAKDWth9BJkEHGIL8OiNyYN HxSKDPFwCfTUGj
> 4y9Wq2gxhaMUZybrfykIVlo=
> =mlxc
> -----END PGP SIGNATURE-----
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
Hi, I have the same problem and I tried what you said. It gives me:
[root@desitter ~]# chcon -t mouse_device_t /dev/lircm
chcon: failed to change context of /dev/lircm to
system_ubject_r:mouse_device_t:s0: Permission denied

I also tried the selinux-policy-3.0.8-58.fc8 rpm. Same error. I can't get
the /dev/lircm work with X.
--
View this message in context: http://www.nabble.com/selinux-blocks-lircmd-tf4827770.html#a13871620
Sent from the Fedora SELinux List mailing list archive at Nabble.com.

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 11-26-2007, 05:29 PM
kwhiskerz
 
Default selinux blocks lircmd

Dan might be working on it. At least he seemed to be before the Thanksgiving
week started (we only get one day).

The only way I have been able to get it working was to use selinux in
permissive... but that defeats the purpose, since it's only displaying errors
but not doing its job.

Hopefully this will be solved once and for all. The problem has existed since
selinux was first incorporated and resolution is long overdue.

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 

Thread Tools




All times are GMT. The time now is 04:48 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org