Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHBA-2018:0763
Following SELinux denials appeared in permissive mode: ---- type=PROCTITLE msg=audit(09/13/2017 12:28:06.850:300) : proctitle=/bin/sh /usr/sbin/ctdbd_wrapper /run/ctdb/ctdbd.pid start type=SYSCALL msg=audit(09/13/2017 12:28:06.850:300) : arch=x86_64 syscall=setrlimit success=yes exit=0 a0=RLIMIT_NOFILE a1=0x7ffc38019a00 a2=0x2 a3=0x7f20881c9960 items=0 ppid=1 pid=10557 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=ctdbd_wrapper exe=/usr/bin/bash subj=system_u:system_r:ctdbd_t:s0 key=(null) type=AVC msg=audit(09/13/2017 12:28:06.850:300) : avc: denied { setrlimit } for pid=10557 comm=ctdbd_wrapper scontext=system_u:system_r:ctdbd_t:s0 tcontext=system_u:system_r:ctdbd_t:s0 tclass=process type=AVC msg=audit(09/13/2017 12:28:06.850:300) : avc: denied { sys_resource } for pid=10557 comm=ctdbd_wrapper capability=sys_resource scontext=system_u:system_r:ctdbd_t:s0 tcontext=system_u:system_r:ctdbd_t:s0 tclass=capability ---- # rpm -qa selinux-policy\* selinux-policy-targeted-3.13.1-166.el7.noarch selinux-policy-3.13.1-166.el7.noarch #