Bug 1875027
| Summary: | A bunch of services are failing due to SELinux denials on latest Fedora 32. | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | aziz |
| Component: | selinux-policy | Assignee: | Zdenek Pytela <zpytela> |
| Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 32 | CC: | dwalsh, grepl.miroslav, lvrabec, mmalik, plautrba, vmojzis, zpytela |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-09-03 04:53:13 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** This bug has been marked as a duplicate of bug 1874836 *** |
A bunch of services are failing due to SELinux denials on latest Fedora 32: audit[6042]: AVC avc: denied { remount } for pid=6042 comm="(coredump)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=0 systemd[6042]: systemd-coredump: Failed to set up mount namespacing: /run/systemd/unit-root/: Permission denied systemd[6042]: systemd-coredump: Failed at step NAMESPACE spawning /usr/lib/systemd/systemd-coredump: Permission denied audit[4423]: AVC avc: denied { remount } for pid=4423 comm="(ostnamed)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=0 systemd[4423]: systemd-hostnamed.service: Failed to set up mount namespacing: /run/systemd/unit-root/: Permission denied systemd[4423]: systemd-hostnamed.service: Failed at step NAMESPACE spawning /usr/lib/systemd/systemd-hostnamed: Permission denied audit[4146]: AVC avc: denied { remount } for pid=4146 comm="(imedated)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=0 systemd[4146]: systemd-timedated.service: Failed to set up mount namespacing: /run/systemd/unit-root/: Permission denied systemd[4146]: systemd-timedated.service: Failed at step NAMESPACE spawning /usr/lib/systemd/systemd-timedated: Permission denied These show up on selinux-policy-3.14.5-43.fc32. Rebooting in permissive made these errors disappear. Reverting to selinux-policy-3.14.5-32.fc32 didn't help, so the problem might be from one of the other SELinux packages.