selinux and acpi actions...

Bikehead bikehead at amberpoint.com
Wed May 18 14:38:50 UTC 2005


I probably don't since I'm trying to get suspend to memory.  However, I 
am using the instructions for acpi action scripts from this site: 
http://www.cs.usfca.edu/~afedosov/thinkpad/acpi.shtml.  It is writing to 
/tmp/suspended in order to protect against a problem where the power 
event was triggered after a resume from suspend to disk so that the 
powerbutton.sh action could differentiate between a true shutdown and a 
resume.

   __o
 _-\<,_   Brian
(_)/ (_)  



Daniel J Walsh wrote:

> Bikehead wrote:
>
>> I have FC4T3 synced up to the latest dev changes (5/15/05).  I'm 
>> having trouble with getting acpi actions to work with SElinux 
>> enabled.  I made a lid event in /etc/acpi/events that invokes a sleep 
>> script in /etc/acpi/actions/sleep.sh.  The sleep script does a touch 
>> /tmp/suspend and then 'echo mem> /sys/power/state'. I set the context 
>> to system_u:object_r:etc_t, same as the /etc/acpi/events/sample.conf.
>> When I close the lid the system doesn't suspend.  The /var/logs/acpid 
>> says that 'touch: cannot touch '/tmp/suspended': Permission denied' 
>> and /etc/acpi/actions/sleep.sh: line 5: /sys/power/state: Permission 
>> denied'.  The /var/logs/audit/audit.log say 'type=(null) msg=(null)' 
>> about 20 times, but no other info.
>>
>> If I setenforce 0 and close the lid then all works fine.
>>
>> What am I doing wrong?  Thanks.
>>
>>
> Why do you want to touch /tmp/suspended?  I can add tmp_domain(apmd) 
> and I have allready allowed it to write to /sys/power.
>
> Dan
>




More information about the test mailing list