Bug 761323

Summary: SELinux is preventing /usr/bin/grub2-editenv from 'write' accesses on the file /boot/grub2/grubenv.
Product: [Fedora] Fedora Reporter: Andrey V. Henneberg <safir>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 16CC: dominick.grift, dwalsh, jskala, jskarvad, mgrepl
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Unspecified   
Whiteboard: abrt_hash:e6c48be6138d33daf6c9a295e38be73fbd34c0f372841c97d478216d3edd3fb4
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-03-15 14:44:24 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
File: description none

Description Andrey V. Henneberg 2011-12-08 03:33:59 UTC 
libreport version: 2.0.7
executable:     /usr/bin/python
hashmarkername: setroubleshoot
kernel:         3.1.4-1.fc16.i686.PAE
reason:         SELinux is preventing /usr/bin/grub2-editenv from 'write' accesses on the file /boot/grub2/grubenv.
time:           Чт. 08 дек. 2011 10:32:57

description:    Text file, 2688 bytes
Comment 1 Andrey V. Henneberg 2011-12-08 03:34:03 UTC 
Created attachment 542347 [details]
File: description
Comment 2 Miroslav Grepl 2011-12-08 10:19:51 UTC 
Did it happen by default? Or do you have own script?
Comment 3 Andrey V. Henneberg 2011-12-09 03:27:19 UTC 
No, I have no own script.
Comment 4 Miroslav Grepl 2011-12-13 09:03:42 UTC 
Does everything work for you as expected?
Comment 5 Daniel Walsh 2011-12-13 20:07:28 UTC 
Do the apmd guys know what is going on?

grub2-editenv is being executed from apmd and it is trying to write a file under /boot named grubenv?
Comment 6 Jiri Skala 2011-12-22 09:40:32 UTC 
(In reply to comment #5)
> Do the apmd guys know what is going on?
> 
> grub2-editenv is being executed from apmd and it is trying to write a file
> under /boot named grubenv?

The apmd wasn't changed long time. So the apmd knows nothing about grub2 and there is no direct interaction. I suppose it's an action of required pkgs or manually made/copied script(s).
Comment 7 Daniel Walsh 2011-12-22 15:10:33 UTC 
Well I have no idea.

Andrey has this happened again?
Comment 8 Andrey V. Henneberg 2011-12-23 03:31:55 UTC 
No,  it doesn't but I switched selinux off because I supposed it prevent mysql server starting. I'll try to switch selinux on.
Comment 9 Miroslav Grepl 2011-12-23 11:45:39 UTC 
"selinux off" .. you mean you switched to permissive mode or disabled SELinux? 

If you have a problem and you think it could caused by SELinux, you can just switch to permissive mode and look for AVC msgs.