Question Details


SELinux Denial when Connecting to Internet From HSDPA modem in Fedora 10

By Dananjaya Ramanayake - Apr. 27, 2009

Does anybody gets this SELinux Denial alert when connecting to Internet from HSDPA modem? (Huawei e160)


SELinux is preventing NetworkManager (NetworkManager_t) "getattr" to /dev/ppp


Detailed Description:

SELinux denied access requested by NetworkManager. It is not expected that this

access is required by NetworkManager and this access may signal an intrusion

attempt. It is also possible that the specific version or configuration of the

application is causing it to require additional access.

Allowing Access:

Sometimes labeling problems can cause SELinux denials. You could try to restore

the default system file context for /dev/ppp,

restorecon -v '/dev/ppp'

If this does not work, there is currently no automatic way to allow this access.

Instead, you can generate a local policy module to allow this access - see FAQ

( Or you can disable

SELinux protection altogether. Disabling SELinux protection is not recommended.

Please file a bug report (

against this package.

Additional Information:

Source Context system_u:system_r:NetworkManager_t:s0

Target Context system_u:object_r:ppp_device_t:s0

Target Objects /dev/ppp [ chr_file ]

Source NetworkManager

Source Path /usr/sbin/NetworkManager


Host localhost.localdomain

Source RPM Packages NetworkManager-

Target RPM Packages

Policy RPM selinux-policy-3.5.13-18.fc10

Selinux Enabled True

Policy Type targeted

MLS Enabled True

Enforcing Mode Permissive

Plugin Name catchall_file

Host Name localhost.localdomain

Platform Linux localhost.localdomain

#1 SMP Tue Nov 18 12:19:59 EST 2008 i686 i686

Alert Count 184

First Seen Tue 01 Jan 2002 07:15:15 AM LKT

Last Seen Mon 27 Apr 2009 11:28:07 PM IST

Local ID f061b0b9-e8d7-4461-bdb5-d0a11d57954e

Line Numbers

Raw Audit Messages

node=localhost.localdomain type=AVC msg=audit(1240855087.220:90): avc: denied { getattr } for pid=2042 comm="NetworkManager" path="/dev/ppp" dev=tmpfs ino=2241 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:ppp_device_t:s0 tclass=chr_file

node=localhost.localdomain type=SYSCALL msg=audit(1240855087.220:90): arch=40000003 syscall=195 success=yes exit=0 a0=80ab45a a1=bfe11714 a2=c2cff4 a3=8080820 items=0 ppid=1 pid=2042 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="NetworkManager" exe="/usr/sbin/NetworkManager" subj=system_u:system_r:NetworkManager_t:s0 key=(null)

I use fedora 10 and my modem is Huawei e160

any suggestions or pointers to fix this thing?

Sometimes this cause to automatic disconnection and very annoying. I have got 181 errors of this sort. (Each time i Connect)

Do you think this is a bug. SELinux suggest to disable its protection to fix this but i think its not a good idea.


Add Answer
  1. By Jesse Babson on Apr. 27, 2009

    Can you simply disable SELinux and see if that works? Go to /etc/sysconfig/selinux and set the following value:


    If that works, then your device has SELinux issues. I've typically run my services without SELinux, with no real issues.

    0 Votes
  2. By Dananjaya Ramanayake on Apr. 27, 2009

    To Jesse,

    Thank you for your answer. Yes I wont get any errors when I disable SELinux.

    Are there any risks or any issues by disabling SELinux?

    Is there any way to Generate a local policy module in SELinux and allow access only for that device instead disabling protection altogether?

    0 Votes
  3. By George Murphy on Apr. 30, 2009

    For what it is worth, I think SELinux is really not worth the hassle. I too run it with this simply turned off. Make sure you have your iptables set up properly and you should be generally protected. I keep only my http and ssh ports open, and keep strong ssh passwords.

    0 Votes
Share your knowledge

Promote Open Source Knowledge by sharing your thoughts, listing Alternatives and Answering Questions!