On 3-10-13 19:55:25 Jean-David Beyer wrote:
On 03/10/2013 06:57 PM, Garry T. Williams wrote:
> I recently started seeing this:
>
> SELinux is preventing /usr/sbin/apcupsd (deleted) from read access
> on the file LCK...
>
> See
https://bugzilla.redhat.com/show_bug.cgi?id=917878 .
>
Any idea what OS you are using, version, etc.?
Sorry. I mentioned that in the BZ, but not here.
Fedora 18
apcupsd-3.14.10-7.fc18.x86_64
selinux-policy-3.11.1-82.fc18.noarch
selinux-policy-targeted-3.11.1-82.fc18.noarch
garry@vfr$ journalctl -b -p err|grep "SELinux is preventing"
Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd
(deleted) from read access on the file LCK... For complete SELinux messages. run sealert
-l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f
Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd
(deleted) from read access on the file LCK... For complete SELinux messages. run sealert
-l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f
Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd
(deleted) from read access on the file LCK... For complete SELinux messages. run sealert
-l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f
garry@vfr$
OK, I just did:
$ sudo systemctl restart apcupsd.service
and then toggled the mains to the UPS and the AVC is gone now.
A look at my log:
garry@vfr$ journalctl --since=2013-03-01|grep "yum"|grep selinux
Mar 02 17:02:53 vfr yum[21797]: Updated: libselinux-2.1.12-7.1.fc18.x86_64
Mar 02 17:07:36 vfr yum[21797]: Updated: libselinux-python-2.1.12-7.1.fc18.x86_64
Mar 02 17:07:37 vfr yum[21797]: Updated: libselinux-utils-2.1.12-7.1.fc18.x86_64
Mar 04 06:24:54 vfr yum[5379]: Updated: selinux-policy-3.11.1-82.fc18.noarch
Mar 04 06:26:20 vfr yum[5379]: Updated: selinux-policy-devel-3.11.1-82.fc18.noarch
Mar 04 06:26:23 vfr yum[5379]: Updated: selinux-policy-doc-3.11.1-82.fc18.noarch
Mar 04 06:26:59 vfr yum[5379]: Updated: selinux-policy-targeted-3.11.1-82.fc18.noarch
garry@vfr$
shows the problem hit after the last targeted update.
Hmmm.
I manually removed the LCK.. file and then bounced the server after
opening the bug. My shell history shows this:
sudo rm /run/lock/LCK..
with a time stamp of Mon Mar 4 21:15:55 2013, which is after I filed
the bug. I did this and after a minor power glitch, the logs didn't
show that apcupsd reported the power failure. (There were about 50(!)
brief power interruptions around that time.) I assumed that that
meant the AVC was still there. That was wrong, apparently.
I don't know how the LCK.. file got labeled wrong, but deleting it was
apparently the fix.
Sorry for the noise. I closed the BZ.
--
Garry T. Williams