Bug 1158835
| Summary: | selinux warning on logrotate on F21 | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Nikos Mavrogiannopoulos <nmavrogi> | ||||
| Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 21 | CC: | dominick.grift, dwalsh, kaemail88, lvrabec, mgrepl, plautrba | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | selinux-policy-3.13.1-99.fc21 | Doc Type: | Bug Fix | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2014-12-03 17:15:20 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Thank you Nikos, We know about this issue. commit 0ed7da1ba2b92e9f7065329fe2f1972fe9805bef
Author: Lukas Vrabec <lvrabec>
Date: Thu Oct 30 12:52:07 2014 +0100
Label also logrotate.status.tmp as logrotate_var_lib_t. BZ(1158835
https://github.com/selinux-policy/selinux-policy/commit/19d2ea0080e1481371c6e4d265fbeacad09074a2
selinux-policy-3.13.1-99.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/selinux-policy-3.13.1-99.fc21 selinux-policy-3.13.1-99.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report. this keeps popping up everyday "SELinux is preventing logrotate from read access on the directory /var/cache/dnf." Is it ok to allow logrotate read access ? Yes, we are working on another bugzilla to get the log file moved out of /var/cache/dnf into a more appropriate directory under /var/log |
Created attachment 952055 [details] The details output After installing F21 I got the following popup: SELinux has detected a problem. The source process: /usr/sbin/logrotate Attempted this access: create On this file: logrotate.status.tmp That is a system deamon which I didn't install separately and shouldn't have generated any warning.