DescriptionRichard Ryniker
2016-09-01 14:57:26 UTC
Description of problem:
System boot.
SELinux is preventing nfs-server-gene from 'open' accesses on the file /proc/fs/nfsd/export_features.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that nfs-server-gene should be allowed open access on the export_features file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'nfs-server-gene' --raw | audit2allow -M my-nfsservergene
# semodule -X 300 -i my-nfsservergene.pp
Additional Information:
Source Context system_u:system_r:init_t:s0
Target Context system_u:object_r:nfsd_fs_t:s0
Target Objects /proc/fs/nfsd/export_features [ file ]
Source nfs-server-gene
Source Path nfs-server-gene
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.13.1-191.13.fc24.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Permissive
Host Name (removed)
Platform Linux (removed) 4.6.7-300.fc24.x86_64 #1 SMP Wed
Aug 17 18:48:43 UTC 2016 x86_64 x86_64
Alert Count 4
First Seen 2016-08-30 10:45:32 EDT
Last Seen 2016-09-01 10:50:57 EDT
Local ID b1da46de-2597-4824-9c0d-318eccae5a3e
Raw Audit Messages
type=AVC msg=audit(1472741457.727:260): avc: denied { open } for pid=2910 comm="nfs-server-gene" path="/proc/fs/nfsd/export_features" dev="nfsd" ino=3 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:nfsd_fs_t:s0 tclass=file permissive=1
Hash: nfs-server-gene,init_t,nfsd_fs_t,file,open
Version-Release number of selected component:
selinux-policy-3.13.1-191.13.fc24.noarch
Additional info:
reporter: libreport-2.7.2
hashmarkername: setroubleshoot
kernel: 4.6.7-300.fc24.x86_64
type: libreport
Description of problem:
Something automatic, no specifically related action initiated by me within the last few minutes - have to go back several days or more, before anything I explicitly did may have affected this!
Additional info:
reporter: libreport-2.7.2
hashmarkername: setroubleshoot
kernel: 4.7.3-200.fc24.x86_64
type: libreport