Bug 1274963
Summary: | SELinux is preventing abrt-hook-ccpp from getattr access on the file file. | |||
---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | poma <pomidorabelisima> | |
Component: | selinux-policy-targeted | Assignee: | Miroslav Grepl <mgrepl> | |
Status: | CLOSED RAWHIDE | QA Contact: | Ben Levenson <benl> | |
Severity: | urgent | Docs Contact: | ||
Priority: | high | |||
Version: | rawhide | CC: | audrey, D8F55524, dwalsh, jfrieben, oliver.henshaw, rabin, raphael.brandis, vondruch | |
Target Milestone: | --- | |||
Target Release: | --- | |||
Hardware: | x86_64 | |||
OS: | Linux | |||
Whiteboard: | ||||
Fixed In Version: | selinux-policy-3.13.1-157.fc24 | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1305611 (view as bug list) | Environment: | ||
Last Closed: | 2015-11-09 14:08:08 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: |
Description
poma
2015-10-24 06:07:54 UTC
I can confirm this bug. I've been getting the same message a lot over the past couple weeks, sometimes several times a day, both on Fedora 22 and now 23. Hi, See the AVC: type=AVC msg=audit(1445662768.344:625): avc: denied { getattr } for pid=2903 comm="abrt-hook-ccpp" path="ipc:[4026531839]" dev="nsfs" ino=4026531839 scontext=system_u:system_r:abrt_dump_oops_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0 => missing context for the nsfs device Same cause as bug https://bugzilla.redhat.com/show_bug.cgi?id=1234757#c7 , same resolution (see nsfs_fix.patch to be applied to the selinux-policy repo: https://bugzilla.redhat.com/attachment.cgi?id=1090403 ). Best regards, Sébastien @Seb L I'm sorry, I don't understand. Are you suggesting we apply the patch file to the SELinux source code and recompile it ourselves? *** Bug 1276430 has been marked as a duplicate of this bug. *** *** Bug 1276719 has been marked as a duplicate of this bug. *** *** Bug 1276720 has been marked as a duplicate of this bug. *** |