Bug 194452
Summary: | Grub fails with execmem AVC denied | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Mark McLoughlin <markmc> |
Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | drepper, pb--bugzilla, pjones |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Current | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-08-22 14:14:39 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Mark McLoughlin
2006-06-08 10:24:02 UTC
Is this required by grub? IE Is there another way to do this. We can define a context of uncofined_execmem_exec_t for grub which would allow this. chcon -t uncofined_execmem_exec_t /sbin/grub Fixed in 2.2.47-3 I still see this problem on FC6 T1 Vigor14:~: rpm -q selinux-policy-targeted selinux-policy-targeted-2.3.1-1 Vigor14:~: audit(1152250446.486:6): avc: denied { execmem } for pid=2177 comm="grub" scontext=system_u:system_r:unconfined_t:s0 tcontext=system_u:system_r:unconfined_t:s0 tclass=process Fixed in selinux-policy-targeted-2.3.2-2 Should be fixed in the current release |