SELinux is preventing /usr/sbin/apcupsd (deleted) from read access on the file LCK...

Garry T. Williams gtwilliams at gmail.com
Mon Mar 11 01:26:38 UTC 2013 

On 3-10-13 19:55:25 Jean-David Beyer wrote:
> On 03/10/2013 06:57 PM, Garry T. Williams wrote:
> > I recently started seeing this:
> > 
> >     SELinux is preventing /usr/sbin/apcupsd (deleted) from read access
> >     on the file LCK...
> > 
> > See https://bugzilla.redhat.com/show_bug.cgi?id=917878 .
> > 
> Any idea what OS you are using, version, etc.?

Sorry.  I mentioned that in the BZ, but not here.

    Fedora 18

    apcupsd-3.14.10-7.fc18.x86_64
    selinux-policy-3.11.1-82.fc18.noarch
    selinux-policy-targeted-3.11.1-82.fc18.noarch

    garry at vfr$ journalctl -b -p err|grep "SELinux is preventing"
    Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd (deleted) from read access on the file LCK... For complete SELinux messages. run sealert -l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f
    Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd (deleted) from read access on the file LCK... For complete SELinux messages. run sealert -l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f
    Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd (deleted) from read access on the file LCK... For complete SELinux messages. run sealert -l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f
    garry at vfr$

OK, I just did:

    $ sudo systemctl restart apcupsd.service

and then toggled the mains to the UPS and the AVC is gone now.

A look at my log:

    garry at vfr$ journalctl --since=2013-03-01|grep "yum"|grep selinux
    Mar 02 17:02:53 vfr yum[21797]: Updated: libselinux-2.1.12-7.1.fc18.x86_64
    Mar 02 17:07:36 vfr yum[21797]: Updated: libselinux-python-2.1.12-7.1.fc18.x86_64
    Mar 02 17:07:37 vfr yum[21797]: Updated: libselinux-utils-2.1.12-7.1.fc18.x86_64
    Mar 04 06:24:54 vfr yum[5379]: Updated: selinux-policy-3.11.1-82.fc18.noarch
    Mar 04 06:26:20 vfr yum[5379]: Updated: selinux-policy-devel-3.11.1-82.fc18.noarch
    Mar 04 06:26:23 vfr yum[5379]: Updated: selinux-policy-doc-3.11.1-82.fc18.noarch
    Mar 04 06:26:59 vfr yum[5379]: Updated: selinux-policy-targeted-3.11.1-82.fc18.noarch
    garry at vfr$

shows the problem hit after the last targeted update.

Hmmm.

I manually removed the LCK.. file and then bounced the server after
opening the bug.  My shell history shows this:

    sudo rm /run/lock/LCK..

with a time stamp of Mon Mar 4 21:15:55 2013, which is after I filed
the bug.  I did this and after a minor power glitch, the logs didn't
show that apcupsd reported the power failure.  (There were about 50(!)
brief power interruptions around that time.)  I assumed that that
meant the AVC was still there.  That was wrong, apparently.

I don't know how the LCK.. file got labeled wrong, but deleting it was
apparently the fix.

Sorry for the noise.  I closed the BZ.

-- 
Garry T. Williams

More information about the selinux mailing list