Bug 309741

Summary: SELinux is preventing /usr/sbin/dnsmasq (dnsmasq_t) "write" to (virt_var_lib_t).
Product: [Fedora] Fedora Reporter: Zack Cerza <zcerza>
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED CURRENTRELEASE QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: low    
Version: rawhideCC: abartlet, mauricio.teixeira
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Current Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-01-30 19:05:49 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
selinux log none

Description Zack Cerza 2007-09-27 19:21:13 UTC 
Description of problem:
I don't know how this was triggered.

avc: denied { write } for comm=dnsmasq dev=sda6 egid=0 euid=0
exe=/usr/sbin/dnsmasq exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=libvirt
pid=2331 scontext=system_u:system_r:dnsmasq_t:s0 sgid=0
subj=system_u:system_r:dnsmasq_t:s0 suid=0 tclass=dir
tcontext=system_u:object_r:virt_var_lib_t:s0 tty=(none) uid=0 

dnsmasq-2.40-1.fc8
selinux-policy-3.0.8-14.fc8
Comment 1 Daniel Walsh 2007-09-27 19:40:23 UTC 
Fixed in selinux-policy-3.0.8-15.fc8.src.rpm
Comment 2 Andrew Bartlett 2007-10-19 00:57:52 UTC 
Created attachment 231741 [details]
selinux log

I'm still seeing this error (selinux log attached) with
selinux-policy-3.0.8-24.fc8 and dnsmasq-2.40-1.fc8 as lanuched by
libvirt-0.3.3-2.fc8
Comment 3 Mauricio Teixeira 2007-12-02 21:01:24 UTC 
Problem persists with selinux-policy-3.0.8-58.fc8

Fix is to apply workaround mentioned on #407901, so I guess both bugs are
directly related.
Comment 4 Daniel Walsh 2008-01-30 19:05:49 UTC 
Bulk closing a old selinux policy bugs that were in the modified state.  If the
bug is still not fixed.  Please reopen.