SELinux and Thinkpad ACPI (part 1: screen blank)

Matthew Saltzman mjs at ces.clemson.edu
Sun Jul 3 20:27:43 UTC 2005


The ACPI scripts that I use to turn off the screen and suspend to RAM no 
longer function in FC4 (worked fine in FC3).  The screen blank script is 
invoked on Fn-F3 and contains:

     #!/bin/sh

     # Toggle the backlight; the flag file records that the light is off.
     if [ -f /var/tmp/acpi-lightoff ]; then
       /usr/sbin/radeontool light on
       /bin/rm /var/tmp/acpi-lightoff
     else
       /usr/sbin/radeontool light off
       /bin/touch /var/tmp/acpi-lightoff
     fi

When the script is invoked, the following messages are generated in /var/log/acpid:

     [Sun Jul  3 16:15:50 2005] received event "ibm/hotkey HKEY 00000080 00001003"
     [Sun Jul  3 16:15:50 2005] notifying client 2531[0:0]
     [Sun Jul  3 16:15:50 2005] notifying client 3068[500:500]
     [Sun Jul  3 16:15:50 2005] executing action "/etc/acpi/actions/Fn-F3.sh"
     [Sun Jul  3 16:15:50 2005] BEGIN HANDLER MESSAGES
     Radeon hardware not found in lspci output.
     /bin/touch: cannot touch `/var/tmp/acpi-lightoff': Permission denied
     [Sun Jul  3 16:15:50 2005] END HANDLER MESSAGES
     [Sun Jul  3 16:15:50 2005] action exited with status 1
     [Sun Jul  3 16:15:50 2005] completed event "ibm/hotkey HKEY 00000080 00001003"

And the following are generated in /var/log/audit/audit.log:

     type=PATH msg=audit(1120421750.387:2653913): item=0 name="/var/tmp/acpi-lightoff" flags=1  inode=906756 dev=fd:00 mode=041777 ouid=0 ogid=0 rdev=00:00
     type=Unknown msg=audit(1120421750.387:2653913):  cwd="/"
     type=SYSCALL msg=audit(1120421750.387:2653913): arch=40000003 syscall=195 success=no exit=-13 a0=9a02228 a1=bfef4278 a2=4bfff4 a3=9a022b8 items=1 pid=27793 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="Fn-F3.sh" exe="/bin/bash"
     type=AVC msg=audit(1120421750.387:2653913): avc:  denied  { search } for  pid=27793 comm="Fn-F3.sh" name="tmp" dev=dm-0 ino=906756 scontext=system_u:system_r:apmd_t tcontext=system_u:object_r:tmp_t tclass=dir
     type=PATH msg=audit(1120421750.466:2654723): item=0 name="/usr/share/hwdata/pci.ids" flags=101  inode=809685 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00
     type=Unknown msg=audit(1120421750.466:2654723):  cwd="/"
     type=SYSCALL msg=audit(1120421750.466:2654723): arch=40000003 syscall=5 success=no exit=-13 a0=8054e5c a1=0 a2=fbad8001 a3=0 items=1 pid=27795 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="lspci" exe="/sbin/lspci"
     type=AVC msg=audit(1120421750.466:2654723): avc:  denied  { read } for  pid=27795 comm="lspci" name="pci.ids" dev=dm-0 ino=809685 scontext=system_u:system_r:apmd_t tcontext=system_u:object_r:usr_t tclass=file
     type=PATH msg=audit(1120421750.481:2654836): item=0 name="/var/tmp/acpi-lightoff" flags=310  inode=906756 dev=fd:00 mode=041777 ouid=0 ogid=0 rdev=00:00
     type=Unknown msg=audit(1120421750.481:2654836):  cwd="/"
     type=SYSCALL msg=audit(1120421750.481:2654836): arch=40000003 syscall=5 success=no exit=-13 a0=bfefdeef a1=8941 a2=1b6 a3=8941 items=1 pid=27796 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="touch" exe="/bin/touch"
     type=AVC msg=audit(1120421750.481:2654836): avc:  denied  { search } for  pid=27796 comm="touch" name="tmp" dev=dm-0 ino=906756 scontext=system_u:system_r:apmd_t tcontext=system_u:object_r:tmp_t tclass=dir
     type=PATH msg=audit(1120421750.481:2654837): item=0 name="/var/tmp/acpi-lightoff" flags=1  inode=906756 dev=fd:00 mode=041777 ouid=0 ogid=0 rdev=00:00
     type=Unknown msg=audit(1120421750.481:2654837):  cwd="/"
     type=SYSCALL msg=audit(1120421750.481:2654837): arch=40000003 syscall=30 success=no exit=-13 a0=bfefdeef a1=0 a2=804f8bc a3=bfefdeef items=1 pid=27796 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="touch" exe="/bin/touch"
     type=AVC msg=audit(1120421750.481:2654837): avc:  denied  { search } for  pid=27796 comm="touch" name="tmp" dev=dm-0 ino=906756 scontext=system_u:system_r:apmd_t tcontext=system_u:object_r:tmp_t tclass=dir

I'll post the suspend script results separately.

Thanks.
-- 
 		Matthew Saltzman

Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs
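
As an added illustration (not part of the original post), this Python example reduces the AVC records quoted above to their distinct source type, target type, class and permission groups, written in the allow-rule form that audit2allow prints. The function names are hypothetical, and the output is a triage summary for review rather than policy to load as is.

```python
import re
from collections import defaultdict

# Records copied from the audit.log excerpt in the post (leading indent removed).
SAMPLE_LOG = """\
type=AVC msg=audit(1120421750.387:2653913): avc:  denied  { search } for  pid=27793 comm="Fn-F3.sh" name="tmp" dev=dm-0 ino=906756 scontext=system_u:system_r:apmd_t tcontext=system_u:object_r:tmp_t tclass=dir
type=Unknown msg=audit(1120421750.466:2654723):  cwd="/"
type=AVC msg=audit(1120421750.466:2654723): avc:  denied  { read } for  pid=27795 comm="lspci" name="pci.ids" dev=dm-0 ino=809685 scontext=system_u:system_r:apmd_t tcontext=system_u:object_r:usr_t tclass=file
type=AVC msg=audit(1120421750.481:2654836): avc:  denied  { search } for  pid=27796 comm="touch" name="tmp" dev=dm-0 ino=906756 scontext=system_u:system_r:apmd_t tcontext=system_u:object_r:tmp_t tclass=dir
"""

AVC_RE = re.compile(r'type=AVC .*?avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)$')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def context_type(context):
    """Return the type field of a user:role:type[:level] context, or None."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else None

def parse_avc(line):
    """Parse one AVC denial into a dict; return None for other or truncated records."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in KV_RE.findall(m.group("rest"))}
    src = context_type(rec.get("scontext", ""))
    tgt = context_type(rec.get("tcontext", ""))
    if not (src and tgt and "tclass" in rec):
        return None
    rec.update(source_type=src, target_type=tgt, perms=m.group("perms").split())
    return rec

def summarize(log_text):
    """Group denials by (source type, target type, class), merging permissions."""
    rules = defaultdict(lambda: {"perms": set(), "comms": set()})
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec:
            entry = rules[(rec["source_type"], rec["target_type"], rec["tclass"])]
            entry["perms"].update(rec["perms"])
            entry["comms"].add(rec.get("comm", "?"))
    return dict(rules)

def render(rules):
    """Format each group in allow-rule syntax, noting which commands triggered it."""
    lines = []
    for (src, tgt, cls), info in sorted(rules.items()):
        perms = sorted(info["perms"])
        perm_text = perms[0] if len(perms) == 1 else "{ " + " ".join(perms) + " }"
        lines.append(f"allow {src} {tgt}:{cls} {perm_text};  # from: {', '.join(sorted(info['comms']))}")
    return lines

if __name__ == "__main__":
    print("\n".join(render(summarize(SAMPLE_LOG))))
```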



