Bug 1033027
Summary: | openlmi-hardware provider AVC denials | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Tomas Smetana <tsmetana> | ||||
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> | ||||
Status: | CLOSED EOL | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | unspecified | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 22 | CC: | dominick.grift, dwalsh, lvrabec, mgrepl | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2016-07-19 10:37:15 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Tomas Smetana
2013-11-21 12:52:35 UTC
BTW Pegasus should probably be an unconfined domain by default, since we have little idea of what people will do with it. f93e231aa1c987dd1261d6e21ef7deee80a47490 adds a transition from pegasus_t to dmidecode_t to fix this issue in git. Also added file name transition rules to make sure any content created via pegasus will get labeled correctly. This is caused by openlmi-providers-hardware which should get own policy or pegasus_openlmi_unconfined_t. There is a RHEL7 bug where we are working on it. Basically this is the same what we have for munin or nagios. So we don't to have unconfined_domain(pegasus) which could mask the fact that a policy is needed for a provider. We have pegasus_openlmi_unconfined_t domain for this. Also I should write a blog about it. This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle. Changing version to '22'. More information and reason for this action is here: https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora22 Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed. |