allow gdm and iiosensorproxy talk to each other via D-bus #2473

milosmalik · 2024-12-11T08:50:43Z

GDM initiated processes (running as xdm_t) want to call the following D-bus interface, which belongs to the iio-sensor-proxy service, but SELinux denies that action:

net.hadess.SensorProxy.ClaimAccelerometer

As a result, the following error message appears in the systemd journal:

gnome-shell[...]: Failed to claim accelerometer: GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Sender is not authorized to send message

A successful D-bus communication in both directions is needed for proper function of this scenario:

xdm_t -> send_msg -> iiosensorproxy_t
iiosensorproxy_t -> send_msg -> xdm_t

Resolves: RHEL-70850

GDM initiated processes (running as xdm_t) want to call the following D-bus interface, which belongs to the iio-sensor-proxy service, but SELinux denies that action: * net.hadess.SensorProxy.ClaimAccelerometer As a result, the following error message appears in the systemd journal: gnome-shell[...]: Failed to claim accelerometer: GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Sender is not authorized to send message A successful D-bus communication in both directions is needed for proper function of this scenario: * xdm_t -> send_msg -> iiosensorproxy_t * iiosensorproxy_t -> send_msg -> xdm_t Resolves: RHEL-70850

zpytela · 2024-12-11T15:05:17Z

Merging, thank you.

zpytela merged commit dd281fa into fedora-selinux:rawhide Dec 11, 2024
3 of 4 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

allow gdm and iiosensorproxy talk to each other via D-bus #2473

allow gdm and iiosensorproxy talk to each other via D-bus #2473

milosmalik commented Dec 11, 2024

zpytela commented Dec 11, 2024

allow gdm and iiosensorproxy talk to each other via D-bus #2473

allow gdm and iiosensorproxy talk to each other via D-bus #2473

Conversation

milosmalik commented Dec 11, 2024

zpytela commented Dec 11, 2024