Bug 1308704
Summary: | SELinux file contexts for TripleO ISO | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Thom Carlin <tcarlin> |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED NOTABUG | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 7.2 | CC: | lvrabec, mgrepl, mmalik, plautrba, pvrabec, ssekidde, tcarlin |
Target Milestone: | pre-dev-freeze | Keywords: | Triaged |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-08-17 10:54:44 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Thom Carlin
2016-02-15 19:36:38 UTC
In QCI 1.0: type=AVC msg=audit(1470268404.190:354): avc: denied { create } for pid=10341 comm="gdm-session-wor" name=".cache" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:admin_home_t:s0 tclass=dir type=AVC msg=audit(1470281262.458:1948): avc: denied { dac_override } for pid=20052 comm="ovs-vsctl" capability=1 scontext=system_u:system_r:openvswitch_t:s0 tcontext=system_u:system_r:openvswitch_t:s0 tclass=capability Per QCI developers, switching to RHEL Is it still relevant? Do you still see mislabeled files when running restorecon in this scenario? No, this is no longer needed Thanks Thom |