Created attachment 1511160[details]
Output of: ausearch -c 'pmdalinux' --raw
Description of problem:
After upgrading from F28 to F29 I am getting hundreds of SEAlerts. The plugin line shows:
SELinux is preventing pmdalinux from 'getattr, associate' accesses on the shared memory labeled unconfined_service_t
SELinux is preventing pmdalinux from unix_read access on the shared memory labeled unconfined_service_t
SELinux is preventing pmdalinux from 'getattr, associate' accesses on the semaphore labeled initrc_t.
SELinux is preventing pmdalinux from unix_read access on the semaphore labeled initrc_t.
I haven't done anything to setup (or even install) pcp, which runs this pmdalinux.
Version-Release number of selected component (if applicable):
# rpm -q --whatprovides /var/lib/pcp/pmdas/linux/pmdalinux
pcp-4.2.0-1.fc29.x86_64
selinux-policy-3.14.2-42.fc29.noarch
How reproducible:
The error is constantly appearing
Steps to Reproduce:
1. I guess upgrade from F28 to F29?
2. Reboot
Actual results:
See attached output of ausearch -c 'pmdalinux' --raw
Expected results:
This didn't happen in F28 so it shouldn't happen now.
Additional info:
Additional Information:
Source Context system_u:system_r:pcp_pmcd_t:s0
Target Context system_u:system_r:initrc_t:s0
Target Objects Unknown [ sem ]
Source pmdalinux
Source Path pmdalinux
... and ...
Additional Information:
Source Context system_u:system_r:pcp_pmcd_t:s0
Target Context system_u:system_r:unconfined_service_t:s0
Target Objects Unknown [ shm ]
Source pmdalinux
Source Path pmdalinux
Created attachment 1511160 [details] Output of: ausearch -c 'pmdalinux' --raw Description of problem: After upgrading from F28 to F29 I am getting hundreds of SEAlerts. The plugin line shows: SELinux is preventing pmdalinux from 'getattr, associate' accesses on the shared memory labeled unconfined_service_t SELinux is preventing pmdalinux from unix_read access on the shared memory labeled unconfined_service_t SELinux is preventing pmdalinux from 'getattr, associate' accesses on the semaphore labeled initrc_t. SELinux is preventing pmdalinux from unix_read access on the semaphore labeled initrc_t. I haven't done anything to setup (or even install) pcp, which runs this pmdalinux. Version-Release number of selected component (if applicable): # rpm -q --whatprovides /var/lib/pcp/pmdas/linux/pmdalinux pcp-4.2.0-1.fc29.x86_64 selinux-policy-3.14.2-42.fc29.noarch How reproducible: The error is constantly appearing Steps to Reproduce: 1. I guess upgrade from F28 to F29? 2. Reboot Actual results: See attached output of ausearch -c 'pmdalinux' --raw Expected results: This didn't happen in F28 so it shouldn't happen now. Additional info: Additional Information: Source Context system_u:system_r:pcp_pmcd_t:s0 Target Context system_u:system_r:initrc_t:s0 Target Objects Unknown [ sem ] Source pmdalinux Source Path pmdalinux ... and ... Additional Information: Source Context system_u:system_r:pcp_pmcd_t:s0 Target Context system_u:system_r:unconfined_service_t:s0 Target Objects Unknown [ shm ] Source pmdalinux Source Path pmdalinux