Bug 759696

Summary: SELinux is preventing /usr/sbin/swat from 'write' accesses on the sock_file unexpected.
Product: [Fedora] Fedora Reporter: Boy Hartsuiker <bm.hartsuiker>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 16CC: dominick.grift, dwalsh, mgrepl
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard: abrt_hash:8e816323fc8e3dd5073b1321cab24e53dd1ac170b9711a6c46403abe615bf3d1
Fixed In Version: selinux-policy-3.10.0-67.fc16 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-12-22 22:48:55 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: description none

Description Boy Hartsuiker 2011-12-03 06:56:11 UTC 
libreport version: 2.0.7
executable:     /usr/bin/python
hashmarkername: setroubleshoot
kernel:         3.1.2-1.fc16.x86_64
reason:         SELinux is preventing /usr/sbin/swat from 'write' accesses on the sock_file unexpected.
time:           za 03 dec 2011 07:53:07 CET

description:    Text file, 2407 bytes
Comment 1 Boy Hartsuiker 2011-12-03 06:56:30 UTC 
Created attachment 539927 [details]
File: description
Comment 2 Daniel Walsh 2011-12-03 16:22:49 UTC 
Miroslav add

stream_connect_pattern(swat_t, nmbd_var_run_t, nmbd_var_run_t, nmbd_t)


To F15, F16, RHEl6 please.
Comment 3 Miroslav Grepl 2011-12-05 10:16:43 UTC 
Added into all.
Comment 4 Fedora Update System 2011-12-15 17:08:42 UTC 
selinux-policy-3.10.0-67.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/selinux-policy-3.10.0-67.fc16
Comment 5 Fedora Update System 2011-12-16 20:00:24 UTC 
Package selinux-policy-3.10.0-67.fc16:
* should fix your issue,
* was pushed to the Fedora 16 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing selinux-policy-3.10.0-67.fc16'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2011-17191/selinux-policy-3.10.0-67.fc16
then log in and leave karma (feedback).
Comment 6 Boy Hartsuiker 2011-12-18 18:56:03 UTC 
I assume it was swat trying to restart smbd and nmbd that was prevented by selinux. Restarting smbd and nmbd from swat with the new policy doesn't cause an selinux alert anyore. So I think this is fixed. Thanks.
Comment 7 Miroslav Grepl 2011-12-19 07:59:45 UTC 
Thank you for testing. Could you update karma?
Comment 8 Fedora Update System 2011-12-22 22:48:55 UTC 
selinux-policy-3.10.0-67.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.