Bug 538428 (f11policy)
Summary: | SELinux is preventing cat (logrotate_t) "read" var_run_t. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Spencer Tom Tafadzwa Chirume <schirume> |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 12 | CC: | achernya, amrossi, andrig.t.miller, an.euroford, antonio_pandolfo, bbarbour, bbigby64, bill-bugzilla.redhat.com, billlinux, bram_gro, brinkj, c.gonzalo.luengo, chris.r137, cje, curoli, dan, dexapier, dicconspain, dignan.patrick, don.novak, dublinuxs, dwalsh, ebihallo, Edofin, edosurina, eduardo.marcelo.palacios, f_a_f12001, forthommel, gaetan, gbrathwaite7thd, germano.massullo, gianpietro.carretta, gopsykg, gwync, habertom, henkj.snel, hihii352, hristo.atanassov, hvdkooij, info, ja3021, jackal_road2000, jaysmobilemail, jeffgbaker, jeremyhu, jhauva, jitesh.1337, josephomorrow, jugon9002, kerrgi, kruvalig, kvolny, liana, louis, mail.dsp, maxime.tierre, m.e, mgrepl, mharvey, naoki, ol.morgan, paoloniccolo.giubelli, phypsi+bugzilla, pierreblavy, pk, plarsen, popmar, QFanatic, qtl.aas, raj.ix86, rana.iftikhar.ahmad, rek, rlandman, rmiller38512, rsandu2004, run, sham435, simon.lewis, slishan, steve, tobias.muhlhofer, tobzet, tomislav.ivancic, tomshoey, vandijck.ger, vanho, vanilkovy.puding, vdanielmo, veli-matti.sorvala, vinyciusunderground2, vlapan, webmaster, wlee, yannchef |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | setroubleshoot_trace_hash:94414bd6d9ab401fd99e2ddce1c340e733145d2c07d153503cf964a6c69c0243 | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-11-18 15:23:07 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Spencer Tom Tafadzwa Chirume
2009-11-18 15:01:56 UTC
DONT report F11 policy bugs on an F12 machine. Complete the update before you start reporting bugs, PLEASE... Update facing issues, sorry for the errant bug posts. *** Bug 538473 has been marked as a duplicate of this bug. *** *** Bug 538509 has been marked as a duplicate of this bug. *** *** Bug 538511 has been marked as a duplicate of this bug. *** *** Bug 538512 has been marked as a duplicate of this bug. *** *** Bug 538513 has been marked as a duplicate of this bug. *** *** Bug 538528 has been marked as a duplicate of this bug. *** *** Bug 538589 has been marked as a duplicate of this bug. *** *** Bug 538592 has been marked as a duplicate of this bug. *** *** Bug 538594 has been marked as a duplicate of this bug. *** *** Bug 538596 has been marked as a duplicate of this bug. *** *** Bug 538595 has been marked as a duplicate of this bug. *** *** Bug 539259 has been marked as a duplicate of this bug. *** *** Bug 539280 has been marked as a duplicate of this bug. *** *** Bug 539321 has been marked as a duplicate of this bug. *** *** Bug 539449 has been marked as a duplicate of this bug. *** *** Bug 539489 has been marked as a duplicate of this bug. *** (In reply to comment #1) > DONT report F11 policy bugs on an F12 machine. Complete the update before you > start reporting bugs, PLEASE... Sorry for the errant bug reports, but please don't tell people to finish the update if you broke the upgrade path. *** Bug 539447 has been marked as a duplicate of this bug. *** Christoph what is broken in the upgrade path? The reason I (and, I'd imagine, many others) accidentally reported an F11 bug on an F12 machine is that the alert and the option to submit bug reports were new. I hadn't noticed until after I'd submitted that it was listing a whole load of selinux issues that had been present for ages. It would be useful if the alert applet offered to delete all old alerts when it detected a release upgrade. We have not figured out what the best way to handle "old" avc's is. But on upgrade we probably should have cleared the database. What should we do with an AVC that has been reported? Should it be deleted? Should it be marked as ignore? Right now we are turning on the report bug when it is a configurtion or labeling issue, so we are getting bug reports for non bugs. *** Bug 539507 has been marked as a duplicate of this bug. *** (In reply to comment #21) > Christoph what is broken in the upgrade path? Sorry, I don't really know, but I upgraded with preupgrade and still had an F11 version (unfortunately I cannot look up which one it was, because rpm -qa --last doesn't show). I had to update to 3.6.32-46.fc12 from updates-testing. As this version was pushed to stable yesterday, the errant reports should hopefully disappear. I think what we see here is also a bug in sealert: The icon indicates there was an alert, but when you click the icon, sealert shows the first alarm in the list (which may be an old one) but not the actual issue. *** Bug 539728 has been marked as a duplicate of this bug. *** *** Bug 539788 has been marked as a duplicate of this bug. *** *** Bug 539790 has been marked as a duplicate of this bug. *** *** Bug 539792 has been marked as a duplicate of this bug. *** *** Bug 539866 has been marked as a duplicate of this bug. *** *** Bug 539996 has been marked as a duplicate of this bug. *** *** Bug 540170 has been marked as a duplicate of this bug. *** *** Bug 540196 has been marked as a duplicate of this bug. *** *** Bug 540211 has been marked as a duplicate of this bug. *** *** Bug 540558 has been marked as a duplicate of this bug. *** *** Bug 540914 has been marked as a duplicate of this bug. *** *** Bug 540915 has been marked as a duplicate of this bug. *** *** Bug 540916 has been marked as a duplicate of this bug. *** *** Bug 540917 has been marked as a duplicate of this bug. *** *** Bug 540930 has been marked as a duplicate of this bug. *** *** Bug 540933 has been marked as a duplicate of this bug. *** *** Bug 540931 has been marked as a duplicate of this bug. *** *** Bug 540932 has been marked as a duplicate of this bug. *** *** Bug 540934 has been marked as a duplicate of this bug. *** *** Bug 540938 has been marked as a duplicate of this bug. *** *** Bug 540937 has been marked as a duplicate of this bug. *** *** Bug 540936 has been marked as a duplicate of this bug. *** *** Bug 540935 has been marked as a duplicate of this bug. *** *** Bug 541042 has been marked as a duplicate of this bug. *** *** Bug 541146 has been marked as a duplicate of this bug. *** *** Bug 541379 has been marked as a duplicate of this bug. *** *** Bug 542333 has been marked as a duplicate of this bug. *** *** Bug 542298 has been marked as a duplicate of this bug. *** *** Bug 542283 has been marked as a duplicate of this bug. *** *** Bug 542154 has been marked as a duplicate of this bug. *** *** Bug 542153 has been marked as a duplicate of this bug. *** *** Bug 542151 has been marked as a duplicate of this bug. *** *** Bug 542162 has been marked as a duplicate of this bug. *** *** Bug 542235 has been marked as a duplicate of this bug. *** *** Bug 542002 has been marked as a duplicate of this bug. *** *** Bug 542119 has been marked as a duplicate of this bug. *** *** Bug 542118 has been marked as a duplicate of this bug. *** *** Bug 542237 has been marked as a duplicate of this bug. *** *** Bug 542243 has been marked as a duplicate of this bug. *** *** Bug 542618 has been marked as a duplicate of this bug. *** *** Bug 542169 has been marked as a duplicate of this bug. *** *** Bug 542955 has been marked as a duplicate of this bug. *** *** Bug 542946 has been marked as a duplicate of this bug. *** *** Bug 542950 has been marked as a duplicate of this bug. *** *** Bug 542948 has been marked as a duplicate of this bug. *** *** Bug 542947 has been marked as a duplicate of this bug. *** *** Bug 542942 has been marked as a duplicate of this bug. *** *** Bug 542941 has been marked as a duplicate of this bug. *** *** Bug 542959 has been marked as a duplicate of this bug. *** *** Bug 542957 has been marked as a duplicate of this bug. *** *** Bug 542943 has been marked as a duplicate of this bug. *** *** Bug 543030 has been marked as a duplicate of this bug. *** *** Bug 541993 has been marked as a duplicate of this bug. *** *** Bug 543310 has been marked as a duplicate of this bug. *** *** Bug 543350 has been marked as a duplicate of this bug. *** *** Bug 543309 has been marked as a duplicate of this bug. *** *** Bug 543412 has been marked as a duplicate of this bug. *** *** Bug 543414 has been marked as a duplicate of this bug. *** *** Bug 543421 has been marked as a duplicate of this bug. *** *** Bug 543420 has been marked as a duplicate of this bug. *** *** Bug 543419 has been marked as a duplicate of this bug. *** *** Bug 543422 has been marked as a duplicate of this bug. *** *** Bug 543423 has been marked as a duplicate of this bug. *** *** Bug 543418 has been marked as a duplicate of this bug. *** *** Bug 543417 has been marked as a duplicate of this bug. *** *** Bug 543416 has been marked as a duplicate of this bug. *** *** Bug 543415 has been marked as a duplicate of this bug. *** *** Bug 543556 has been marked as a duplicate of this bug. *** *** Bug 543672 has been marked as a duplicate of this bug. *** *** Bug 543673 has been marked as a duplicate of this bug. *** *** Bug 543818 has been marked as a duplicate of this bug. *** *** Bug 543855 has been marked as a duplicate of this bug. *** *** Bug 543874 has been marked as a duplicate of this bug. *** *** Bug 544187 has been marked as a duplicate of this bug. *** *** Bug 544165 has been marked as a duplicate of this bug. *** *** Bug 544166 has been marked as a duplicate of this bug. *** *** Bug 544164 has been marked as a duplicate of this bug. *** *** Bug 544163 has been marked as a duplicate of this bug. *** *** Bug 544162 has been marked as a duplicate of this bug. *** *** Bug 544156 has been marked as a duplicate of this bug. *** *** Bug 544155 has been marked as a duplicate of this bug. *** *** Bug 544153 has been marked as a duplicate of this bug. *** *** Bug 544151 has been marked as a duplicate of this bug. *** *** Bug 544263 has been marked as a duplicate of this bug. *** *** Bug 544460 has been marked as a duplicate of this bug. *** *** Bug 544461 has been marked as a duplicate of this bug. *** *** Bug 544602 has been marked as a duplicate of this bug. *** *** Bug 544545 has been marked as a duplicate of this bug. *** *** Bug 544755 has been marked as a duplicate of this bug. *** *** Bug 544920 has been marked as a duplicate of this bug. *** *** Bug 544857 has been marked as a duplicate of this bug. *** *** Bug 544855 has been marked as a duplicate of this bug. *** *** Bug 544919 has been marked as a duplicate of this bug. *** *** Bug 545081 has been marked as a duplicate of this bug. *** *** Bug 544909 has been marked as a duplicate of this bug. *** *** Bug 545212 has been marked as a duplicate of this bug. *** *** Bug 545320 has been marked as a duplicate of this bug. *** *** Bug 545319 has been marked as a duplicate of this bug. *** *** Bug 545426 has been marked as a duplicate of this bug. *** *** Bug 545729 has been marked as a duplicate of this bug. *** *** Bug 545772 has been marked as a duplicate of this bug. *** (In reply to comment #23) > We have not figured out what the best way to handle "old" avc's is. But on > upgrade we probably should have cleared the database. > > What should we do with an AVC that has been reported? Should it be deleted? > Should it be marked as ignore? Right now we are turning on the report bug when > it is a configurtion or labeling issue, so we are getting bug reports for non > bugs. Will that mean errant bug alerts won't show up after a future Fedora upgrade, it's a practical bug when you have plenty of users reporting a "non bug" is it not? The tool looks at all AVC's that happened during the upgrade and then users report bugs with F11 policy on an F12 machine. As far as I am concerned the bugs do not exist on the F12 machine, so they are NOTABUG. I could rewrite the program to not see the bugs, but this could be error prone and take some time. *** Bug 546048 has been marked as a duplicate of this bug. *** *** Bug 546051 has been marked as a duplicate of this bug. *** *** Bug 546052 has been marked as a duplicate of this bug. *** *** Bug 546287 has been marked as a duplicate of this bug. *** *** Bug 546969 has been marked as a duplicate of this bug. *** *** Bug 547196 has been marked as a duplicate of this bug. *** *** Bug 547050 has been marked as a duplicate of this bug. *** *** Bug 546971 has been marked as a duplicate of this bug. *** *** Bug 546970 has been marked as a duplicate of this bug. *** *** Bug 546968 has been marked as a duplicate of this bug. *** *** Bug 546964 has been marked as a duplicate of this bug. *** *** Bug 547687 has been marked as a duplicate of this bug. *** *** Bug 547927 has been marked as a duplicate of this bug. *** *** Bug 547925 has been marked as a duplicate of this bug. *** *** Bug 547926 has been marked as a duplicate of this bug. *** *** Bug 547929 has been marked as a duplicate of this bug. *** *** Bug 548660 has been marked as a duplicate of this bug. *** *** Bug 549674 has been marked as a duplicate of this bug. *** *** Bug 549680 has been marked as a duplicate of this bug. *** *** Bug 549681 has been marked as a duplicate of this bug. *** *** Bug 543945 has been marked as a duplicate of this bug. *** *** Bug 531817 has been marked as a duplicate of this bug. *** *** Bug 532848 has been marked as a duplicate of this bug. *** *** Bug 540555 has been marked as a duplicate of this bug. *** *** Bug 550750 has been marked as a duplicate of this bug. *** *** Bug 550751 has been marked as a duplicate of this bug. *** *** Bug 550749 has been marked as a duplicate of this bug. *** *** Bug 550748 has been marked as a duplicate of this bug. *** *** Bug 550747 has been marked as a duplicate of this bug. *** *** Bug 550746 has been marked as a duplicate of this bug. *** *** Bug 550745 has been marked as a duplicate of this bug. *** *** Bug 550425 has been marked as a duplicate of this bug. *** *** Bug 551120 has been marked as a duplicate of this bug. *** *** Bug 552174 has been marked as a duplicate of this bug. *** *** Bug 553136 has been marked as a duplicate of this bug. *** *** Bug 553363 has been marked as a duplicate of this bug. *** *** Bug 558745 has been marked as a duplicate of this bug. *** *** Bug 558987 has been marked as a duplicate of this bug. *** *** Bug 559434 has been marked as a duplicate of this bug. *** *** Bug 560010 has been marked as a duplicate of this bug. *** *** Bug 560113 has been marked as a duplicate of this bug. *** *** Bug 560154 has been marked as a duplicate of this bug. *** *** Bug 560201 has been marked as a duplicate of this bug. *** *** Bug 560216 has been marked as a duplicate of this bug. *** *** Bug 560254 has been marked as a duplicate of this bug. *** *** Bug 560450 has been marked as a duplicate of this bug. *** *** Bug 560347 has been marked as a duplicate of this bug. *** *** Bug 560620 has been marked as a duplicate of this bug. *** *** Bug 560298 has been marked as a duplicate of this bug. *** *** Bug 560764 has been marked as a duplicate of this bug. *** *** Bug 560762 has been marked as a duplicate of this bug. *** *** Bug 560937 has been marked as a duplicate of this bug. *** *** Bug 560939 has been marked as a duplicate of this bug. *** *** Bug 560983 has been marked as a duplicate of this bug. *** *** Bug 561208 has been marked as a duplicate of this bug. *** *** Bug 561215 has been marked as a duplicate of this bug. *** *** Bug 562201 has been marked as a duplicate of this bug. *** *** Bug 562202 has been marked as a duplicate of this bug. *** *** Bug 562203 has been marked as a duplicate of this bug. *** *** Bug 562204 has been marked as a duplicate of this bug. *** *** Bug 562206 has been marked as a duplicate of this bug. *** *** Bug 562208 has been marked as a duplicate of this bug. *** *** Bug 562210 has been marked as a duplicate of this bug. *** *** Bug 562211 has been marked as a duplicate of this bug. *** *** Bug 562345 has been marked as a duplicate of this bug. *** *** Bug 563027 has been marked as a duplicate of this bug. *** *** Bug 564327 has been marked as a duplicate of this bug. *** *** Bug 564328 has been marked as a duplicate of this bug. *** *** Bug 564897 has been marked as a duplicate of this bug. *** *** Bug 565369 has been marked as a duplicate of this bug. *** *** Bug 565344 has been marked as a duplicate of this bug. *** *** Bug 565729 has been marked as a duplicate of this bug. *** *** Bug 565741 has been marked as a duplicate of this bug. *** *** Bug 566080 has been marked as a duplicate of this bug. *** *** Bug 566075 has been marked as a duplicate of this bug. *** *** Bug 566067 has been marked as a duplicate of this bug. *** *** Bug 566072 has been marked as a duplicate of this bug. *** *** Bug 566074 has been marked as a duplicate of this bug. *** *** Bug 566178 has been marked as a duplicate of this bug. *** *** Bug 567784 has been marked as a duplicate of this bug. *** *** Bug 561137 has been marked as a duplicate of this bug. *** *** Bug 569986 has been marked as a duplicate of this bug. *** *** Bug 571116 has been marked as a duplicate of this bug. *** *** Bug 571117 has been marked as a duplicate of this bug. *** *** Bug 575130 has been marked as a duplicate of this bug. *** *** Bug 577457 has been marked as a duplicate of this bug. *** *** Bug 596988 has been marked as a duplicate of this bug. *** *** Bug 600424 has been marked as a duplicate of this bug. *** *** Bug 617250 has been marked as a duplicate of this bug. *** *** Bug 619618 has been marked as a duplicate of this bug. *** *** Bug 619881 has been marked as a duplicate of this bug. *** *** Bug 619882 has been marked as a duplicate of this bug. *** *** Bug 624012 has been marked as a duplicate of this bug. *** Oh, I think I see the problem here. The AVC icon pops up in the systray area. "Ah, I've got a new AVC" you think, so you click on the icon that's trying to grab your attention. It pops up the GUI .... but on an AVC that's not the one the icon was trying to alert you about. In my case just now, it was on 21 of 50, from last October. It should pop up to the AVC that caused the icon to appear. I suspect this behavior would eliminate the bulk of the work having to be done here, with no hard choices about what to delete or not. This is on my f12 machine, anyway, haven't seen it yet on f13. *** Bug 654136 has been marked as a duplicate of this bug. *** |