Bug 1377276

Summary: [Hyper-v][RHEL7.3]hypervkvpd cannot communicate with NetworkManager via D-bus
Product: Red Hat Enterprise Linux 7 Reporter: xuli <xuli>
Component: selinux-policyAssignee: Lukas Vrabec <lvrabec>
Status: CLOSED ERRATA QA Contact: Milos Malik <mmalik>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.3CC: ailan, boyang, cavery, hhei, jopoulso, kys, ldu, leiwang, linl, lvrabec, mgrepl, mmalik, plautrba, pvrabec, ssekidde, v-chvale, vkuznets, xiaofwan, xuli, yacao
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: selinux-policy-3.13.1-175.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-04-10 12:24:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1370511, 1401400    

Description xuli 2016-09-19 11:19:28 UTC 
Description of problem:

Selinux USER_AVC: avc: denied  { send_msg } for msgtype=method_call exe="/usr/bin/dbus-daemon" in audit log after do IP injection with Hyper-V Replication when NetworkManager service is enabled.

Version-Release number of selected component (if applicable):
Kernel: 3.10.0-506.e17.x86_64

Host: Windows 2016RTM

How reproducible: 100%

Steps to Reproduce:

1. HostA is a Hyper-V Replication Server, will have replicated VM from other host, you should configure hostA by 'Hyper-V Settings' - '
Replication Configuration' -> Enable this computer as a Replica Server. Same config for Host B.

2. HostB has a VM
1)configure hostB by 'Hyper-V Settings' - 'Replication Configuration' -> Enable this computer as a Replica Server.

2)check the VM with hypervkvpd service start
# service hypervkvpd status

3)configure the VM, right click, select "Enable Replication" - Before you Begin ->Next->Replica Server as Host A-> Next, view that sending Initial Replica progress showings.

4)you can see HostA with a replicated VM as the same on HostB

        
3. HostA, choose the replicated VM, set ip injection by  editing 'Settings' -
'Network Adapter' - 'Failover TCP/IP', setting the IPv4/IPv6 address, subnet,
gateway, DNS

e.g. IPV4: 192.168.1.15
NETMASK: 255.255.255.0
GATEWAY: 192.168.1.1
DNS: 192.168.1.2

IPV6:2001:e45:1234e00:9876
prifix len: 64        
4. On hostB, turn off the VM, and right click the VM - 'Replication' - 'Planned Failover'        
5. Check the VM ip status on hostA after boot up by ifconfig.        

6. Do ausearch -m user_avc on VM of host A, observe that avc: denied pops up as following logs.

----
time->Mon Sep 19 18:07:20 2016
type=USER_AVC msg=audit(1474279640.189:28): pid=1201 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Properties member=GetAll dest=:1.7 spid=1374 tpid=1255 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Mon Sep 19 18:07:22 2016
type=USER_AVC msg=audit(1474279642.262:32): pid=1201 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Properties member=GetAll dest=:1.7 spid=1589 tpid=1255 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Mon Sep 19 18:07:22 2016
type=USER_AVC msg=audit(1474279642.326:33): pid=1201 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Properties member=GetAll dest=:1.7 spid=1605 tpid=1255 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Mon Sep 19 18:07:27 2016
type=USER_AVC msg=audit(1474279647.227:34): pid=1201 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Properties member=GetAll dest=:1.7 spid=1724 tpid=1255 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Mon Sep 19 18:07:27 2016
type=USER_AVC msg=audit(1474279647.344:36): pid=1201 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Properties member=GetAll dest=:1.7 spid=1763 tpid=1255 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'


Actual results:
Selinux USER_AVC: avc:  denied  { send_msg } for msgtype=method_call exe="/usr/bin/dbus-daemon" in audit log

Expected results:
No Selinux User_AVC denied log.

Note: cannot reproduce this when NetworkManager is disabled.
Comment 3 xuli 2016-09-20 07:31:00 UTC 
If service firewalld is enabled before replication, it will get the user_avc log related with firewalld_t on the replicated VM.

"scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon"
===========================================


time->Tue Sep 20 02:08:30 2016
type=USER_AVC msg=audit(1474351710.949:117): pid=620 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Properties member=GetAll dest=:1.4 spid=2833 tpid=657 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Tue Sep 20 02:08:30 2016
type=USER_AVC msg=audit(1474351710.992:118): pid=620 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Properties member=GetAll dest=:1.4 spid=2857 tpid=657 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Tue Sep 20 02:08:31 2016
type=USER_AVC msg=audit(1474351711.283:119): pid=620 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.3 spid=2890 tpid=653 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Tue Sep 20 02:08:31 2016
type=USER_AVC msg=audit(1474351711.283:120): pid=620 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.3 spid=2890 tpid=653 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Tue Sep 20 02:08:31 2016
type=USER_AVC msg=audit(1474351711.283:121): pid=620 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.3 spid=2890 tpid=653 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Tue Sep 20 02:08:31 2016
type=USER_AVC msg=audit(1474351711.284:122): pid=620 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.3 spid=2890 tpid=653 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Tue Sep 20 02:08:31 2016
type=USER_AVC msg=audit(1474351711.284:123): pid=620 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.fedoraproject.FirewallD1 member=getDefaultZone dest=:1.3 spid=2890 tpid=653 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
Comment 4 Chris 2017-03-23 06:04:36 UTC 
Is there a plan  to have the selinux policies updated either in updates or for 7.4?

Thank you!
Comment 6 HuijingHei 2017-04-12 06:00:20 UTC 
Description of problem:
Start VM and enable "Data Exchange", with enable "NetworkManager" and enable "firewalld", then do kvp-ip-injection, there are denied user_avc logs in the audit log.

Version-Release number of selected component (if applicable):
Kernel: 3.10.0-632.el7.x86_64
selinux-policy-3.13.1-134.el7.noarch
hyperv-daemons-0-0.30.20161211git.el7.x86_64
Host: Windows 2016

How reproducible: 100%

Steps to Reproduce:        
1. Go to Hyper-V manager -> Integration Services -> Enable "Data Exchange", make sure hypervkvpd are running.
2. Start VM, enable firewalld and enable NetworkManager, and check selinux mode is Enforcing
3. Check the log by 
# ausearch -m user_avc
- no any user_avc log related to hypervkvp_t denied information, which is expected result.
4. run kvp-ip-injection
5. check the log 
# ausearch -m user_avc

Actual results:
1. If enable "Data Exchange", with enable "NetworkManager" and enable "firewalld", then do kvp-ip-injection, observe that selinux denied user_avc logs about hypervkvp with NetworkManager, and hypervkvp with firewalld

2. If disable "NetworkManager" and disable "firewalld", then do kvp-ip-injection, there is no denied user_avc log
3. After replication(same steps according to this bug), there are the same denied user_avc logs in audit log
4. RHEL7.3 aslo has this problem


Expected results:
No denied user_avc logs.

Log information:
Detailed Log:

----
time->Wed Apr 12 11:23:01 2017
type=USER_AVC msg=audit(1491967381.200:305): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.ObjectManager member=GetManagedObjects dest=:1.7 spid=4799 tpid=990 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:01 2017
type=USER_AVC msg=audit(1491967381.222:306): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.ObjectManager member=GetManagedObjects dest=:1.7 spid=4815 tpid=990 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:01 2017
type=USER_AVC msg=audit(1491967381.248:307): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.ObjectManager member=GetManagedObjects dest=:1.7 spid=4836 tpid=990 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:01 2017
type=USER_AVC msg=audit(1491967381.468:317): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.ObjectManager member=GetManagedObjects dest=:1.7 spid=4970 tpid=990 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:01 2017
type=USER_AVC msg=audit(1491967381.690:318): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=4989 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:01 2017
type=USER_AVC msg=audit(1491967381.691:319): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=4989 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:01 2017
type=USER_AVC msg=audit(1491967381.691:320): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=4989 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:01 2017
type=USER_AVC msg=audit(1491967381.691:321): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=4989 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:01 2017
type=USER_AVC msg=audit(1491967381.692:322): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.fedoraproject.FirewallD1 member=getDefaultZone dest=:1.6 spid=4989 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:01 2017
type=USER_AVC msg=audit(1491967381.724:323): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.ObjectManager member=GetManagedObjects dest=:1.7 spid=5004 tpid=990 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:01 2017
type=USER_AVC msg=audit(1491967381.744:324): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.ObjectManager member=GetManagedObjects dest=:1.7 spid=5020 tpid=990 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:05 2017
type=USER_AVC msg=audit(1491967385.992:325): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=5053 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:05 2017
type=USER_AVC msg=audit(1491967385.992:326): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=5053 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:05 2017
type=USER_AVC msg=audit(1491967385.993:327): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=5053 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:05 2017
type=USER_AVC msg=audit(1491967385.993:328): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=5053 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:05 2017
type=USER_AVC msg=audit(1491967385.994:329): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.fedoraproject.FirewallD1 member=getDefaultZone dest=:1.6 spid=5053 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:06 2017
type=USER_AVC msg=audit(1491967386.026:330): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.ObjectManager member=GetManagedObjects dest=:1.7 spid=5067 tpid=990 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:06 2017
type=USER_AVC msg=audit(1491967386.063:331): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.ObjectManager member=GetManagedObjects dest=:1.7 spid=5091 tpid=990 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:06 2017
type=USER_AVC msg=audit(1491967386.317:332): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=5124 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:06 2017
type=USER_AVC msg=audit(1491967386.317:333): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=5124 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:06 2017
type=USER_AVC msg=audit(1491967386.317:334): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=5124 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:06 2017
type=USER_AVC msg=audit(1491967386.317:335): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus.Introspectable member=Introspect dest=:1.6 spid=5124 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Wed Apr 12 11:23:06 2017
type=USER_AVC msg=audit(1491967386.318:336): pid=892 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.fedoraproject.FirewallD1 member=getDefaultZone dest=:1.6 spid=5124 tpid=949 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:firewalld_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
Comment 12 errata-xmlrpc 2018-04-10 12:24:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0763