Bug 1384483
| Summary: | Snapshot : Seeing AVC denied messages generated when snapshot and clones are created | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Anil Shah <ashah> | |
| Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> | |
| Status: | CLOSED ERRATA | QA Contact: | Milos Malik <mmalik> | |
| Severity: | high | Docs Contact: | Mirek Jahoda <mjahoda> | |
| Priority: | high | |||
| Version: | 7.3 | CC: | asengupt, ashah, lmiksik, lvrabec, mgrepl, mjahoda, mkolaja, mmalik, plautrba, pprakash, pvrabec, rhs-bugs, snagar, ssekidde, storage-qa-internal | |
| Target Milestone: | rc | Keywords: | ZStream | |
| Target Release: | --- | |||
| Hardware: | x86_64 | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | selinux-policy-3.13.1-105.el7 | Doc Type: | Bug Fix | |
| Doc Text: |
Prior to this update, SELinux denied access while creating snapshots and clones in Red Hat Gluster Storage (RHGS). The SELinux policy has been updated, and the Access Vector Cache (AVC) denials no longer occur.
|
Story Points: | --- | |
| Clone Of: | 1384481 | |||
| : | 1386621 (view as bug list) | Environment: | ||
| Last Closed: | 2017-08-01 15:15:11 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1386621 | |||
|
Comment 2
Anil Shah
2016-10-13 12:01:37 UTC
't' is missing: # semanage permissive -a glusterd_ ValueError: glusterd_ is not a domain type # Correct command is: # semanage permissive -a glusterd_t # Updated selinux policy : [root@rhs-client46 ~]# rpm -qa | grep selinux-policy selinux-policy-3.13.1-102.el7_3.4.noarch selinux-policy-targeted-3.13.1-102.el7_3.4.noarch Not seeing any AVC denied messages ,while creating snapshots and clones. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:1861 |