Bug 1317960

Summary: spice-vdagentd selinux avc denial: getattr on /sys/fs/cgroup
Product: [Fedora] Fedora Reporter: Mairi Dulaney <jdulaney>
Component: spice-vdagentAssignee: Christophe Fergeau <cfergeau>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 24CC: alon, cfergeau, jdulaney, marcandre.lureau, robatino, sandmann, virt-maint
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-03-15 18:59:46 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1230435    

Description Mairi Dulaney 2016-03-15 15:39:07 UTC 
Description of problem:

Received AVC denial against spice-vdagentd due to getattr n /sys/fs/cgroup

Not quite sure if this is a SELinux policy issue, or spice-vdagent, so going with spice for now.  This occurs when first booting the F24 Alpha1.1 Workstation Live

Version-Release number of selected component (if applicable):
spice-vdagent-0.16.0-3

selinux-policy-3.13.1-176

How reproducible:
Always

Steps to Reproduce:
1.  Boot workstation live
2.  Look at avc denials
Comment 1 Fedora Blocker Bugs Application 2016-03-15 15:43:36 UTC 
Proposed as a Blocker for 24-final by Fedora user jdulaney using the blocker tracking app because:

 Getting an SELinux denial

There must be no SELinux denial notifications or crash notifications on boot of or during installation from a release-blocking live image, or at first login after a default install of a release-blocking desktop.
Comment 2 Mairi Dulaney 2016-03-15 18:59:46 UTC 

*** This bug has been marked as a duplicate of bug 1276251 ***