5:57 p.m.
I recently started seeing this:
SELinux is preventing /usr/sbin/apcupsd (deleted) from read access
on the file LCK...
See https://bugzilla.redhat.com/show_bug.cgi?id=917878 .
--
Garry T. Williams
6:55 p.m.
On 03/10/2013 06:57 PM, Garry T. Williams wrote:
I recently started seeing this:
SELinux is preventing /usr/sbin/apcupsd (deleted) from read access
on the file LCK...
See https://bugzilla.redhat.com/show_bug.cgi?id=917878 .
Any idea what OS you are using, version, etc.?
I run
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.4 (Santiago)
$ rpm -q apcupsd
apcupsd-3.14.10-1.el6.x86_64
$ rpm -qa | grep selinux
selinux-policy-3.7.19-195.el6_4.1.noarch
selinux-policy-targeted-3.7.19-195.el6_4.1.noarch
libselinux-2.0.94-5.3.el6.i686
libselinux-utils-2.0.94-5.3.el6.x86_64
libselinux-python-2.0.94-5.3.el6.x86_64
libselinux-2.0.94-5.3.el6.x86_64
[/var/log]# grep "SELinux is preventing" messages*
[/var/log]#
8:26 p.m.
On 3-10-13 19:55:25 Jean-David Beyer wrote:
On 03/10/2013 06:57 PM, Garry T. Williams wrote:
> I recently started seeing this:
>
> SELinux is preventing /usr/sbin/apcupsd (deleted) from read access
> on the file LCK...
>
> See https://bugzilla.redhat.com/show_bug.cgi?id=917878 .
>
Any idea what OS you are using, version, etc.?
Sorry. I mentioned that in the BZ, but not here.
Fedora 18
apcupsd-3.14.10-7.fc18.x86_64
selinux-policy-3.11.1-82.fc18.noarch
selinux-policy-targeted-3.11.1-82.fc18.noarch
garry@vfr$ journalctl -b -p err|grep "SELinux is preventing"
Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd
(deleted) from read access on the file LCK... For complete SELinux messages. run sealert
-l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f
Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd
(deleted) from read access on the file LCK... For complete SELinux messages. run sealert
-l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f
Mar 04 20:34:49 vfr setroubleshoot[15845]: SELinux is preventing /usr/sbin/apcupsd
(deleted) from read access on the file LCK... For complete SELinux messages. run sealert
-l 5f0e7e41-4a9e-495f-85b4-44b81bb9414f
garry@vfr$
OK, I just did:
$ sudo systemctl restart apcupsd.service
and then toggled the mains to the UPS and the AVC is gone now.
A look at my log:
garry@vfr$ journalctl --since=2013-03-01|grep "yum"|grep selinux
Mar 02 17:02:53 vfr yum[21797]: Updated: libselinux-2.1.12-7.1.fc18.x86_64
Mar 02 17:07:36 vfr yum[21797]: Updated: libselinux-python-2.1.12-7.1.fc18.x86_64
Mar 02 17:07:37 vfr yum[21797]: Updated: libselinux-utils-2.1.12-7.1.fc18.x86_64
Mar 04 06:24:54 vfr yum[5379]: Updated: selinux-policy-3.11.1-82.fc18.noarch
Mar 04 06:26:20 vfr yum[5379]: Updated: selinux-policy-devel-3.11.1-82.fc18.noarch
Mar 04 06:26:23 vfr yum[5379]: Updated: selinux-policy-doc-3.11.1-82.fc18.noarch
Mar 04 06:26:59 vfr yum[5379]: Updated: selinux-policy-targeted-3.11.1-82.fc18.noarch
garry@vfr$
shows the problem hit after the last targeted update.
Hmmm.
I manually removed the LCK.. file and then bounced the server after
opening the bug. My shell history shows this:
sudo rm /run/lock/LCK..
with a time stamp of Mon Mar 4 21:15:55 2013, which is after I filed
the bug. I did this and after a minor power glitch, the logs didn't
show that apcupsd reported the power failure. (There were about 50(!)
brief power interruptions around that time.) I assumed that that
meant the AVC was still there. That was wrong, apparently.
I don't know how the LCK.. file got labeled wrong, but deleting it was
apparently the fix.
Sorry for the noise. I closed the BZ.
--
Garry T. Williams
4089
days inactive
4090
days old
selinux@lists.fedoraproject.org
2 comments
2 participants
participants (2)
-
Garry Williams -
Jean-David Beyer