Bug 1426649
Summary: | SELinux is preventing modprobe from 'module_load' accesses on the system /usr/lib/modules/4.9.11-200.fc25.x86_64/misc/vboxdrv.ko. | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Randy Berry <randyn3lrx> | ||||
Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> | ||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | unspecified | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 25 | CC: | aleksander.baranowski, andpol_o, binaryreverse, csamyn, D8F55524, damjanz, dconti2008, developer, dominick.grift, dwalsh, fed15ora, flydove, F.Navrkal, henryju, jsd, kasad12, knutjbj, linuxat400, luiz.aniki, luya, lvrabec, mechonbarsa, meta, mgrepl, plautrba, pmoore, ram.150392, raphael.brandis, rhbugzilla, ricky.tigg, robatino, ryan.paul, ssekidde, steven.soloff, viduranga.randila, vinayshastry | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | x86_64 | ||||||
OS: | Unspecified | ||||||
Whiteboard: | abrt_hash:1347b85d17bdc72f3ba08e8f28a8d1ecb5775b867de465f943b65422c0c92a9b; | ||||||
Fixed In Version: | selinux-policy-3.13.1-225.11.fc25 | Doc Type: | If docs needed, set a value | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2017-02-28 08:49:54 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Randy Berry
2017-02-24 14:27:56 UTC
Description of problem: sudo modprobe nvidia Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.10-200.fc25.x86_64 type: libreport Description of problem: Virtual box not working after update my kernel Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.11-200.fc25.x86_64 type: libreport It gets better and better. No locally built driver will load, all have permission denied. Doesn't matter whether its an akmod package or not. I can make a policy that modprobe will load it, but not systemd-udevd. same problem: Virtual box not working after selinux update $ uname -a Linux nb 4.9.11-200.fc25.x86_64 #1 SMP Mon Feb 20 18:11:59 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux selinux packages that were upgraded: Upgrade selinux-policy-3.13.1-225.10.fc25.noarch @updates Upgraded selinux-policy-3.13.1-225.6.fc25.noarch @updates Upgrade selinux-policy-targeted-3.13.1-225.10.fc25.noarch @updates Upgraded selinux-policy-targeted-3.13.1-225.6.fc25.noarch @updates workaround: $ sudo ausearch -c 'modprobe' --raw | audit2allow -M my-modprobe $ sudo semodule -i my-modprobe.pp $ sudo /sbin/vboxconfig Description of problem: After last update I got the attached error warning on startup. Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.11-200.fc25.x86_64 type: libreport Created attachment 1257860 [details]
Policy module to allow again modprobe to load kernel modules
Hi,
The following SELinux policy module allows modprobe to load kernel modules again (apparently broken in selinux-policy-targeted-3.13.1-225.10.fc25.noarch).
Description of problem: My setup: Pre: Intel i7 6700k with 1060 by nvidia on it's board :). I had problem with rhgb not allowing me to decrypt my hard drive (lvm on ext4 with lukscrypt), so I removed it from grub with silent (or something similar) as workaround. Thing above is not a problem, for this bug report!!! My current booting line looks like "linux16 /vmlinuz-4.9.11-200.fc25.x86_64 root=/dev/mapper/fedora-root ro rd.lvm.lv=fedora/root LANG=en_US.UTF-8". Story: Everything worked fine for long time (2-3 weeks), then newest system (and) kernel update made my system unbootable. With screen turning on and off when trying to startX (or wayland I'm not up to date with current status :)). Solution: I tried to reinstall Nvidia drivers (NVIDIA-Linux-x86_64-378.09.run), but without success (Installer cannot load module, so installation fails). I listed dmesg messages (Because I have previous problem with Nvidia driver when compiling with kernel-devel-debug instead of kernel-devel [ magic num was wrong]). I haven't found anything peculiar so I thought about stripping my system from everything that can prevent loading module. First guess was Selinux. After setenforce 0, and changing default in /etc/selinux/config Installation was successful :). Now I'm on system in permissive mode :(. Additional Information: [root@SpaceStation ~]# dnf history info 37 Transaction ID : 37 Begin time : Sun Feb 26 11:34:10 2017 Begin rpmdb : 2984:8e35525dee5784c47c42d161f7bee14020857789 End time : 11:36:54 2017 (164 seconds) End rpmdb : 2994:9656095b0c97e21798a7b3a3eaef09aa25198f86 User : Alex Baranowski <Alex> Return-Code : Success Command Line : update -y Transaction performed with: Installed dnf-1.1.10-5.fc25.noarch @updates Installed rpm-4.13.0-6.fc25.x86_64 @updates Packages Altered: Upgraded ccache-3.3.3-1.fc25.x86_64 @fedora Upgrade 3.3.4-1.fc25.x86_64 @updates Upgraded crypto-policies-20160921-3.gitf3018dd.fc25.noarch @updates Upgrade 20160921-4.gitf3018dd.fc25.noarch @updates Upgraded firewall-config-0.4.4.3-1.fc25.noarch @updates Upgrade 0.4.4.3-2.fc25.noarch @updates Upgraded firewalld-0.4.4.3-1.fc25.noarch @updates Upgrade 0.4.4.3-2.fc25.noarch @updates Upgraded firewalld-filesystem-0.4.4.3-1.fc25.noarch @updates Upgrade 0.4.4.3-2.fc25.noarch @updates Upgraded flatpak-0.8.3-2.fc25.x86_64 @updates Upgrade 0.8.3-3.fc25.x86_64 @updates Upgraded flatpak-libs-0.8.3-2.fc25.x86_64 @updates Upgrade 0.8.3-3.fc25.x86_64 @updates Upgraded gparted-0.27.0-1.fc25.x86_64 @updates Upgrade 0.28.1-1.fc25.x86_64 @updates Upgraded grep-2.27-1.fc25.x86_64 @updates Upgrade 2.27-2.fc25.x86_64 @updates Upgraded grilo-0.3.2-4.fc25.x86_64 @anaconda Upgrade 0.3.3-1.fc25.x86_64 @updates Upgraded grilo-plugins-0.3.3-1.fc25.x86_64 @anaconda Upgrade 0.3.4-1.fc25.x86_64 @updates Upgraded ibus-libpinyin-1.8.1-1.fc25.x86_64 @updates Upgrade 1.8.91-1.fc25.x86_64 @updates Upgraded ibus-typing-booster-1.5.21-1.fc25.noarch @updates Upgrade 1.5.22-1.fc25.noarch @updates Upgraded kdesdk-thumbnailers-16.08.3-1.fc25.x86_64 @updates Upgrade 16.12.2-1.fc25.x86_64 @updates Install kernel-4.9.11-200.fc25.x86_64 @updates Erase kernel-4.9.8-201.fc25.x86_64 @updates Install kernel-core-4.9.11-200.fc25.x86_64 @updates Erase kernel-core-4.9.8-201.fc25.x86_64 @updates Install kernel-devel-4.9.11-200.fc25.x86_64 @updates Erase kernel-devel-4.9.8-201.fc25.x86_64 @updates Upgraded kernel-headers-4.9.10-200.fc25.x86_64 @updates Upgrade 4.9.11-200.fc25.x86_64 @updates Install kernel-modules-4.9.11-200.fc25.x86_64 @updates Erase kernel-modules-4.9.8-201.fc25.x86_64 @updates Install kernel-modules-extra-4.9.11-200.fc25.x86_64 @updates Erase kernel-modules-extra-4.9.8-201.fc25.x86_64 @updates Upgraded kernel-tools-libs-4.9.10-200.fc25.x86_64 @updates Upgrade 4.9.11-200.fc25.x86_64 @updates Upgraded libblkid-2.28.2-1.fc25.i686 @fedora Upgraded libblkid-2.28.2-1.fc25.x86_64 @anaconda Upgrade 2.28.2-2.fc25.i686 @updates Upgrade 2.28.2-2.fc25.x86_64 @updates Upgraded libfdisk-2.28.2-1.fc25.x86_64 @anaconda Upgrade 2.28.2-2.fc25.x86_64 @updates Upgraded libkomparediff2-16.08.3-1.fc25.x86_64 @updates Upgrade 16.12.2-1.fc25.x86_64 @updates Upgraded libmount-2.28.2-1.fc25.i686 @fedora Upgraded libmount-2.28.2-1.fc25.x86_64 @anaconda Upgrade 2.28.2-2.fc25.i686 @updates Upgrade 2.28.2-2.fc25.x86_64 @updates Upgraded libpinyin-1.7.0-1.fc25.x86_64 @updates Upgrade 1.9.91-1.fc25.x86_64 @updates Upgraded libpinyin-data-1.7.0-1.fc25.x86_64 @updates Upgrade 1.9.91-1.fc25.x86_64 @updates Upgraded libsmartcols-2.28.2-1.fc25.x86_64 @anaconda Upgrade 2.28.2-2.fc25.x86_64 @updates Upgraded libuuid-2.28.2-1.fc25.i686 @fedora Upgraded libuuid-2.28.2-1.fc25.x86_64 @anaconda Upgrade 2.28.2-2.fc25.i686 @updates Upgrade 2.28.2-2.fc25.x86_64 @updates Upgraded libva-1.7.3-1.fc25.i686 @updates Upgraded libva-1.7.3-1.fc25.x86_64 @updates Upgrade 1.7.3-3.fc25.i686 @updates Upgrade 1.7.3-3.fc25.x86_64 @updates Upgraded libva-intel-driver-1.7.3-1.fc25.i686 @rpmfusion-free-updates Upgraded libva-intel-driver-1.7.3-1.fc25.x86_64 @rpmfusion-free-updates Upgrade 1.7.3-2.fc25.i686 @rpmfusion-free-updates Upgrade 1.7.3-2.fc25.x86_64 @rpmfusion-free-updates Upgraded libva-utils-1.7.3-1.fc25.x86_64 @updates Upgrade 1.7.3-3.fc25.x86_64 @updates Upgraded mate-power-manager-1.16.1-1.fc25.x86_64 @updates Upgrade 1.16.2-1.fc25.x86_64 @updates Upgraded mesa-dri-drivers-13.0.3-5.fc25.i686 @updates Upgraded mesa-dri-drivers-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.i686 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-filesystem-13.0.3-5.fc25.i686 @updates Upgraded mesa-filesystem-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.i686 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libEGL-13.0.3-5.fc25.i686 @updates Upgraded mesa-libEGL-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.i686 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libEGL-devel-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libGL-13.0.3-5.fc25.i686 @updates Upgraded mesa-libGL-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.i686 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libGL-devel-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libGLES-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libOSMesa-13.0.3-5.fc25.i686 @updates Upgraded mesa-libOSMesa-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.i686 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libgbm-13.0.3-5.fc25.i686 @updates Upgraded mesa-libgbm-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.i686 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libgbm-devel-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libglapi-13.0.3-5.fc25.i686 @updates Upgraded mesa-libglapi-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.i686 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libwayland-egl-13.0.3-5.fc25.i686 @updates Upgraded mesa-libwayland-egl-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.i686 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libwayland-egl-devel-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded mesa-libxatracker-13.0.3-5.fc25.x86_64 @updates Upgrade 13.0.4-1.fc25.x86_64 @updates Upgraded okteta-libs-16.08.3-1.fc25.x86_64 @updates Upgrade 16.12.2-1.fc25.x86_64 @updates Upgraded open-vm-tools-10.0.5-7.fc25.x86_64 @updates Upgrade 10.1.0-1.fc25.x86_64 @updates Upgraded open-vm-tools-desktop-10.0.5-7.fc25.x86_64 @updates Upgrade 10.1.0-1.fc25.x86_64 @updates Upgraded pcre-8.40-2.fc25.i686 @updates Upgraded pcre-8.40-2.fc25.x86_64 @updates Upgrade 8.40-4.fc25.i686 @updates Upgrade 8.40-4.fc25.x86_64 @updates Upgraded pcre-cpp-8.40-2.fc25.x86_64 @updates Upgrade 8.40-4.fc25.x86_64 @updates Upgraded pcre-devel-8.40-2.fc25.x86_64 @updates Upgrade 8.40-4.fc25.x86_64 @updates Upgraded pcre-utf16-8.40-2.fc25.x86_64 @updates Upgrade 8.40-4.fc25.x86_64 @updates Upgraded pcre-utf32-8.40-2.fc25.x86_64 @updates Upgrade 8.40-4.fc25.x86_64 @updates Upgraded perl-Net-HTTP-6.12-1.fc25.noarch @updates Upgrade 6.13-1.fc25.noarch @updates Upgraded php-7.0.15-1.fc25.x86_64 @updates Upgrade 7.0.16-1.fc25.x86_64 @updates Upgraded php-cli-7.0.15-1.fc25.x86_64 @updates Upgrade 7.0.16-1.fc25.x86_64 @updates Upgraded php-common-7.0.15-1.fc25.x86_64 @updates Upgrade 7.0.16-1.fc25.x86_64 @updates Upgraded php-json-7.0.15-1.fc25.x86_64 @updates Upgrade 7.0.16-1.fc25.x86_64 @updates Upgraded php-ldap-7.0.15-1.fc25.x86_64 @updates Upgrade 7.0.16-1.fc25.x86_64 @updates Upgraded php-mysqlnd-7.0.15-1.fc25.x86_64 @updates Upgrade 7.0.16-1.fc25.x86_64 @updates Upgraded php-pdo-7.0.15-1.fc25.x86_64 @updates Upgrade 7.0.16-1.fc25.x86_64 @updates Upgraded po-debconf-1.0.16-7.nmu2.fc24.noarch @fedora Upgrade 1.0.16-8.nmu3.fc25.noarch @updates Upgraded python-rpm-macros-3-10.fc25.noarch @fedora Upgrade 3-11.fc25.noarch @updates Upgraded python-srpm-macros-3-10.fc25.noarch @fedora Upgrade 3-11.fc25.noarch @updates Upgraded python2-pyasn1-0.1.9-7.fc25.1.noarch @fedora Upgrade 0.2.1-1.fc25.noarch @updates Upgraded python2-pyasn1-modules-0.1.9-7.fc25.1.noarch @fedora Upgrade 0.2.1-1.fc25.noarch @updates Upgraded python2-rpm-macros-3-10.fc25.noarch @fedora Upgrade 3-11.fc25.noarch @updates Upgraded python3-firewall-0.4.4.3-1.fc25.noarch @updates Upgrade 0.4.4.3-2.fc25.noarch @updates Upgraded python3-rpm-macros-3-10.fc25.noarch @fedora Upgrade 3-11.fc25.noarch @updates Upgrade selinux-policy-3.13.1-225.10.fc25.noarch @updates Upgraded selinux-policy-3.13.1-225.6.fc25.noarch @updates Upgrade selinux-policy-targeted-3.13.1-225.10.fc25.noarch @updates Upgraded selinux-policy-targeted-3.13.1-225.6.fc25.noarch @updates Upgraded sos-3.2-4.fc25.noarch @anaconda Upgrade 3.3-1.fc25.noarch @updates Upgraded strace-4.15-1.fc25.x86_64 @updates Upgrade 4.16-1.fc25.x86_64 @updates Upgraded util-linux-2.28.2-1.fc25.x86_64 @anaconda Upgrade 2.28.2-2.fc25.x86_64 @updates Upgraded util-linux-user-2.28.2-1.fc25.x86_64 (unknown) Upgrade 2.28.2-2.fc25.x86_64 @updates Upgraded webkitgtk4-2.14.3-1.fc25.x86_64 @updates Upgrade 2.14.5-1.fc25.x86_64 @updates Upgraded webkitgtk4-devel-2.14.3-1.fc25.x86_64 @updates Upgrade 2.14.5-1.fc25.x86_64 @updates Upgraded webkitgtk4-jsc-2.14.3-1.fc25.x86_64 @updates Upgrade 2.14.5-1.fc25.x86_64 @updates Upgraded webkitgtk4-jsc-devel-2.14.3-1.fc25.x86_64 @updates Upgrade 2.14.5-1.fc25.x86_64 @updates Upgraded webkitgtk4-plugin-process-gtk2-2.14.3-1.fc25.x86_64 @updates Upgrade 2.14.5-1.fc25.x86_64 @updates Upgraded autocorr-en-1:5.2.5.1-6.fc25.noarch @updates Upgrade 1:5.2.6.1-1.fc25.noarch @updates Install libglvnd-1:0.2.999-10.gitdc16f8c.fc25.i686 @updates Install libglvnd-1:0.2.999-10.gitdc16f8c.fc25.x86_64 @updates Install libglvnd-core-devel-1:0.2.999-10.gitdc16f8c.fc25.x86_64 @updates Install libglvnd-devel-1:0.2.999-10.gitdc16f8c.fc25.x86_64 @updates Install libglvnd-egl-1:0.2.999-10.gitdc16f8c.fc25.i686 @updates Install libglvnd-egl-1:0.2.999-10.gitdc16f8c.fc25.x86_64 @updates Install libglvnd-gles-1:0.2.999-10.gitdc16f8c.fc25.x86_64 @updates Install libglvnd-glx-1:0.2.999-10.gitdc16f8c.fc25.i686 @updates Install libglvnd-glx-1:0.2.999-10.gitdc16f8c.fc25.x86_64 @updates Install libglvnd-opengl-1:0.2.999-10.gitdc16f8c.fc25.x86_64 @updates Upgraded libreoffice-calc-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-core-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-data-1:5.2.5.1-6.fc25.noarch @updates Upgrade 1:5.2.6.1-1.fc25.noarch @updates Upgraded libreoffice-draw-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-emailmerge-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-filters-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-graphicfilter-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-gtk2-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-gtk3-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-impress-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-langpack-en-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-math-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-ogltrans-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-opensymbol-fonts-1:5.2.5.1-6.fc25.noarch @updates Upgrade 1:5.2.6.1-1.fc25.noarch @updates Upgraded libreoffice-pdfimport-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-pyuno-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-ure-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-ure-common-1:5.2.5.1-6.fc25.noarch @updates Upgrade 1:5.2.6.1-1.fc25.noarch @updates Upgraded libreoffice-writer-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-x11-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreoffice-xsltfilter-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded libreofficekit-1:5.2.5.1-6.fc25.x86_64 @updates Upgrade 1:5.2.6.1-1.fc25.x86_64 @updates Upgraded spotify-client-1:1.0-10.fc25.x86_64 (unknown) Upgrade 1:1.0-11.fc25.x86_64 @fedora-spotify Upgraded vim-common-2:8.0.329-1.fc25.x86_64 @updates Upgrade 2:8.0.347-2.fc25.x86_64 @updates Upgraded vim-enhanced-2:8.0.329-1.fc25.x86_64 @updates Upgrade 2:8.0.347-2.fc25.x86_64 @updates Upgraded vim-filesystem-2:8.0.329-1.fc25.x86_64 @updates Upgrade 2:8.0.347-2.fc25.x86_64 @updates Upgraded vim-minimal-2:8.0.329-1.fc25.x86_64 @updates Upgrade 2:8.0.347-2.fc25.x86_64 @updates Upgraded texlive-base-6:2016-30.20160520.fc25.noarch @updates Upgrade 6:2016-32.20160520.fc25.noarch @updates Upgraded texlive-dvipng-6:svn40768-30.fc25.noarch @updates Upgrade 6:svn40768-32.fc25.1.noarch @updates Upgraded texlive-dvipng-bin-6:svn40473-30.20160520.fc25.x86_64 @updates Upgrade 6:svn40473-32.20160520.fc25.1.x86_64 @updates Upgraded texlive-kpathsea-6:svn41139-30.fc25.noarch @updates Upgrade 6:svn41139-32.fc25.1.noarch @updates Upgraded texlive-kpathsea-bin-6:svn40473-30.20160520.fc25.x86_64 @updates Upgrade 6:svn40473-32.20160520.fc25.1.x86_64 @updates Upgraded texlive-lib-6:2016-30.20160520.fc25.x86_64 @updates Upgrade 6:2016-32.20160520.fc25.x86_64 @updates Upgraded texlive-metafont-6:svn40793-30.fc25.noarch @updates Upgrade 6:svn40793-32.fc25.1.noarch @updates Upgraded texlive-metafont-bin-6:svn40987-30.20160520.fc25.x86_64 @updates Upgrade 6:svn40987-32.20160520.fc25.1.x86_64 @updates Upgraded texlive-tetex-6:svn41059-30.fc25.noarch @updates Upgrade 6:svn41059-32.fc25.1.noarch @updates Upgraded texlive-tetex-bin-6:svn36770.0-30.20160520.fc25.noarch @updates Upgrade 6:svn36770.0-32.20160520.fc25.1.noarch @updates Upgraded texlive-texlive.infra-6:svn41280-30.fc25.noarch @updates Upgrade 6:svn41280-32.fc25.1.noarch @updates Upgraded texlive-texlive.infra-bin-6:svn40312-30.20160520.fc25.x86_64 @updates Upgrade 6:svn40312-32.20160520.fc25.1.x86_64 @updates Scriptlet output: 1 warning: file /usr/lib/libGL.so.1.2.0: remove failed: No such file or directory 2 warning: file /usr/lib64/libGL.so.1.2.0: remove failed: No such file or directory 3 dkms: removing: nvidia 378.09 (4.9.8-201.fc25.x86_64) (x86_64) 4 5 -------- Uninstall Beginning -------- 6 Module: nvidia 7 Version: 378.09 8 Kernel: 4.9.8-201.fc25.x86_64 (x86_64) 9 ------------------------------------- 10 11 Status: Before uninstall, this module version was ACTIVE on this kernel. 12 Removing any linked weak-modules 13 14 nvidia.ko: 15 - Uninstallation 16 - Deleting from: /lib/modules/4.9.8-201.fc25.x86_64/extra/ 17 - Original module 18 - No original module was found for this module on this kernel. 19 - Use the dkms install command to reinstall any previous module version. 20 21 22 nvidia-uvm.ko: 23 - Uninstallation 24 - Deleting from: /lib/modules/4.9.8-201.fc25.x86_64/extra/ 25 - Original module 26 - No original module was found for this module on this kernel. 27 - Use the dkms install command to reinstall any previous module version. 28 29 30 nvidia-modeset.ko: 31 - Uninstallation 32 - Deleting from: /lib/modules/4.9.8-201.fc25.x86_64/extra/ 33 - Original module 34 - No original module was found for this module on this kernel. 35 - Use the dkms install command to reinstall any previous module version. 36 37 38 nvidia-drm.ko: 39 - Uninstallation 40 - Deleting from: /lib/modules/4.9.8-201.fc25.x86_64/extra/ 41 - Original module 42 - No original module was found for this module on this kernel. 43 - Use the dkms install command to reinstall any previous module version. 44 45 depmod... 46 47 DKMS: uninstall completed. 48 warning: file /lib/modules/4.9.8-201.fc25.x86_64/updates: remove failed: No such file or directory Post: Any help would be greatly appreciated. Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.11-200.fc25.x86_64 type: libreport Please make this urgent priority. As a temporary workaround SELinux config could be set to permissive mode. selinux in permissive mode works, but that's not a (final) solution. Building package with fix: https://koji.fedoraproject.org/koji/taskinfo?taskID=18091346 Will be in Fedora ASAP. selinux-policy-3.13.1-225.11.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-e06f91350b Workaround which got me up and running again: # setenforce 0 # /sbin/vboxconfig # setenforce 1 Description of problem: Trying to use VirtualBox-5.1 from Oracle repos. Issue is also seen when using the RPMFusion version. Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.11-200.fc25.x86_64 type: libreport Description of problem: Bootup after most recent updates. Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.11-200.fc25.x86_64 type: libreport selinux-policy-3.13.1-225.11.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-e06f91350b Description of problem: Linux abc-PC 4.9.11-200.fc25.x86_64 #1 SMP Mon Feb 20 18:11:59 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux # dnf install VirtualBox-5.1-5.1.14_112924_fedora25-1.x86_64 Creating group 'vboxusers'. VM users must be member of that group! Created symlink /etc/systemd/system/multi-user.target.wants/vboxdrv.service → /usr/lib/systemd/system/vboxdrv.service. Created symlink /etc/systemd/system/multi-user.target.wants/vboxballoonctrl-service.service → /usr/lib/systemd/system/vboxballoonctrl-service.service. Created symlink /etc/systemd/system/multi-user.target.wants/vboxautostart-service.service → /usr/lib/systemd/system/vboxautostart-service.service. Created symlink /etc/systemd/system/multi-user.target.wants/vboxweb-service.service → /usr/lib/systemd/system/vboxweb-service.service. vboxdrv.sh: failed: modprobe vboxdrv failed. Please use 'dmesg' to find out why. There were problems setting up VirtualBox. To re-start the set-up process, run /sbin/vboxconfig as root. Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.11-200.fc25.x86_64 type: libreport Description of problem: On System start up... Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.11-200.fc25.x86_64 type: libreport Description of problem: error appeared after recent updates Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.11-200.fc25.x86_64 type: libreport Description of problem: done updates and rebooted Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.12-200.fc25.x86_64 type: libreport *** Bug 1427411 has been marked as a duplicate of this bug. *** I am stuck in boot process since yesterday. First, SELinux prevented loading NVIDIA drivers. I disabled SELinux. Now, kernel log says: ### nvidia: loading out-of-tree module taints kernel. nvidia: module license 'NVIDIA' taints kernel. nvidia: module verification failed: signature and/or required key missing - tainting kernel nvidia-nvlink: Nvlink Core is being initialized, major device number 238 nvidia-modset: Loading NVIDIA Kernel Mode Setting Driver for UNIX platforms 375.26 [drm] [nvidia-drm] [GPU ID 0x00000100] Loading driver ### NVIDIA drivers are from RPMFusion repo. In the boot process, I end up being stuck in different states. I activated verbose output, these are the messages when booting get stuck on three different tries: First try: ### [ OK ] Started Session c1 of user gdm [ OK ] Started User Manager for UID 42 Starting Hold until boot process finishes up... ### Second try: ### [ OK ] Started Session c1 of user gdm [ OK ] Started User Manager for UID 42 [ OK ] Started GNOME Display Manager... finishes up.... ### Third try: ### [ OK ] Started User Manager for UID 42 [ 23..... ] virbr0: port 1(virbr0-nic) entered blocking state [ 23..... ] virbr0: port 1(virbr0-nic) entered disabled state [ 23..... ] device virbr0-nic entered promiscuous mode [ 23..... ] virbr0: port 1(virbr0-nic) entered blocking state [ 23..... ] virbr0: port 1(virbr0-nic) entered listening state [ 23..... ] virbr0: port 1(virbr0-nic) entered disabled state ### journalctl ain't giving me any new errors. /var/log/Xorg.0.log doesn't change, keeps giving me the same error output: ### NVIDIA: Failed to initialize the NVIDIA kernel module. Please see the system's kernel log for additional error messages.... ... Fatal server error: no screens found EE) ### I updated with tonight's new packages and new kernel 4.9.12, nothing changed. Could you try put SELinux to permissive, or disabled mode - then reinstall NVidia driver packages? selinux-policy-3.13.1-225.11.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report. Description of problem: Modprobe should be allowed module_load access on the vboxdrv.ko system by default. Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.11-200.fc25.x86_64 type: libreport Description of problem: Bumblebee's bumblebee-nvidia package causes SELinux alert when executing modprobe. This is corrected by adding an exception to SELinux policy. Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.12-200.fc25.x86_64 type: libreport ### Could you try put SELinux to permissive, or disabled mode - then reinstall NVidia driver packages? ### I removed the nvidia drivers, I have set SELinux to permissive mode, rebooted and still got stuck in boot process even without nvidia drivers. I reinstalled nvidia drivers, rebooted and also got stuck again in boot process at this point: ### [ OK ] Started Session c1 of user gdm [ OK ] Started User Manager for UID 42 [ 24...] Bridge firewalling registered ### Also, there is again a SELinux kernel message: ### avc: denied (module_load) for pid=791 comm="systemd_udev" path="/usr/lib/modules/4.9.12-200.fc25.x86_64/extra/nvidia/nvidia.ko" dev="dm-0"...... ### Just for making it sure - you set to permissive mode in /etc/selinux/config? It's not possible for selinux to denied anything when in permisive on boot. Description of problem: Unable to run virtualbox. To solve this problem, I have executed: # ausearch -c 'modprobe' --raw | audit2allow -M my-modprobe # semodule -X 300 -i my-modprobe.pp # /usr/sbin/vboxconfig Version-Release number of selected component: selinux-policy-3.13.1-225.10.fc25.noarch Additional info: reporter: libreport-2.8.0 hashmarkername: setroubleshoot kernel: 4.9.12-200.fc25.x86_64 type: libreport Yes, SELinux is definitely in permissive mode in /etc/selinux/config. When I disable SELinux these messages disappear, but it won't change anything else. So, what confuses me, is the point, that the boot process get stuck in different states, regarding to the verbose output there. I assume, this isn't the only problem here. Like I wrote, even without the nvidia drivers, using the nouveau driver, the boot process behaves the same. What is the best way to debug the boot process? At the moment, I just can run in verbose mode and write down the last messages it puts out. Ok, I managed to fix this problem. I removed the RPMFusion NVIDIA driver packages and I reinstalled the proprietary NVIDIA drivers, I used before I tried the other ones. Installation went successful and even setting SELinux back to enforcd mode works just fine. I don't know, if this is enough evidence, but it seems, there is some kind of problem regarding the RPMFusion driver packages and SELinux (or at least between one of the packages that installed in the last updates). *** Bug 1427685 has been marked as a duplicate of this bug. *** |