Bug 1264664
Summary: | SELinux is preventing /usr/sbin/ufdbgclient from write access on the sock_file ufdbguardd-03977. | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Brian J. Murrell <brian> |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED WONTFIX | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.1 | CC: | lvrabec, mgrepl, mmalik, plautrba, pvrabec, ssekidde |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-12-18 11:01:14 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Brian J. Murrell
2015-09-20 11:24:37 UTC
Brian, the problem is there is no policy for ufdbguardd. You would need to create a new one or you can create a local policy rule to allow this rule. # grep ufdbgclient /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp If you would like to go with a new policy, please contact selinux.org. Thank you. |