Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 119581

Summary: screen reports Permission denied
Product: [Fedora] Fedora Reporter: Gregory Gulik <greg>
Component: screenAssignee: Daniel Reed <djr>
Status: CLOSED CURRENTRELEASE QA Contact: Brock Organ <borgan>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: dwalsh, twaugh
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-11-06 18:17:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 122683    
Attachments:
Description Flags
SELinux audit2allow output (what screen can't access) none

Description Gregory Gulik 2004-03-31 15:47:50 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040124

Description of problem:
When running the screen program as a regular user I get the following
error:
[greg@dell8100 greg]$ screen
Cannot make directory '/tmp/uscreens': Permission denied

Version-Release number of selected component (if applicable):
screen-4.14-3

How reproducible:
Always

Steps to Reproduce:
1. Log in
2. Open Terminal
3. Type "screen"
    

Actual Results:  [greg@dell8100 greg]$ screen
Cannot make directory '/tmp/uscreens': Permission denied

Expected Results:  Screen should start up.

Additional info:

Does not run as "root" either.
Comment 1 Daniel Reed 2004-04-01 21:24:28 UTC 
Please paste the output of: rpm -q --whatprovides `which screen`

There is no upstream version 4.14, nor am I seeing anything tagged as
4.14-3 internally. Also, our screen package should be using ~/.screen/
for its socket directory, not /tmp/uscreens/.
Comment 2 Gregory Gulik 2004-04-01 21:33:56 UTC 
Sorry, the version number was a typo.  Here is the correct information:

[greg@dell8100 greg]$ rpm -q --whatprovides `which screen`
screen-4.0.1-4
[greg@dell8100 greg]$ uname -a
Linux dell8100 2.6.3-2.1.253.2.1 #1 Fri Mar 12 14:01:55 EST 2004 i686
i686 i386 GNU/Linux
[greg@dell8100 greg]$ screen
Cannot make directory '/tmp/screens': Permission denied

This was a fresh install on a spare hard drive.
Comment 3 Lon Hohberger 2004-04-01 22:49:23 UTC 
Created attachment 99054 [details]
SELinux audit2allow output (what screen can't access)

This appears to be a policy issue with SELinux.  For now, you can type (as
root:sysadm_r:sysadm_t): "setenforce 0" to get screen running.
Comment 4 Lon Hohberger 2004-04-01 22:49:54 UTC 
Obvious note: ignore xdm_t line.
Comment 5 Tim Waugh 2004-04-03 11:12:04 UTC 
Adding 'tmp_domain($1_screen)' to macros/program/screen_macros.te gets
further:

$ screen
audit(1080990982.120:0): avc:  denied  { read } for  pid=3266
exe=/usr/bin/screen name=xterm dev=hdb1 ino=1171500
scontext=user_u:user_r:user_screen_t tcontext=system_u:object_r:usr_t
tclass=file
Cannot find terminfo entry for 'xterm'.

Perhaps this is /usr/share/terminfo/x/xterm?
Comment 6 Tim Waugh 2004-04-03 11:16:10 UTC 
Adding 'allow $1_screen_t usr_t:file { read };' to
macros/program/screen_macros.te fixes this, and makes screen start up
with no problems.

Don't know if terminfo files should have any special file contexts.
Comment 7 Daniel Walsh 2004-04-03 13:09:36 UTC 
Added fixes in policy-1.9.2-10.

Lon lets sit down on Monday and work our way through the rest of these.


Dan
Comment 8 Daniel Reed 2004-11-06 18:17:04 UTC 
Please reopen if you are still having difficulties. Thanks.