Description of problem: SELinux is preventing /usr/sbin/bumblebeed from 'write' accesses on the file bbswitch. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that bumblebeed should be allowed write access on the bbswitch file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep bumblebeed /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:bumblebee_t:s0 Target Context system_u:object_r:proc_t:s0 Target Objects bbswitch [ file ] Source bumblebeed Source Path /usr/sbin/bumblebeed Port <Unknown> Host (removed) Source RPM Packages bumblebee-3.1-1.fc18.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-105.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.11.10-300.fc20.x86_64 #1 SMP Fri Nov 29 19:16:48 UTC 2013 x86_64 x86_64 Alert Count 5 First Seen 2013-12-06 19:16:25 WET Last Seen 2013-12-08 11:18:01 WET Local ID 9f737a13-6215-48b0-93d4-8eb867076f8a Raw Audit Messages type=AVC msg=audit(1386501481.5:615): avc: denied { write } for pid=5051 comm="bumblebeed" name="bbswitch" dev="proc" ino=4026532263 scontext=system_u:system_r:bumblebee_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file type=SYSCALL msg=audit(1386501481.5:615): arch=x86_64 syscall=access success=yes exit=0 a0=409375 a1=6 a2=4074be a3=0 items=0 ppid=1 pid=5051 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=bumblebeed exe=/usr/sbin/bumblebeed subj=system_u:system_r:bumblebee_t:s0 key=(null) Hash: bumblebeed,bumblebee_t,proc_t,file,write Additional info: reporter: libreport-2.1.9 hashmarkername: setroubleshoot kernel: 3.11.10-300.fc20.x86_64 type: libreport
commit 4b26b7506948aa738585ae4ad56dcf7d9033bf7c Author: Miroslav Grepl <mgrepl> Date: Mon Dec 9 11:01:51 2013 +0100 Dontaudit access check on /proc for bumblebee commit 4296386a26ff7693fd98b5be8aac18d5ae4ddbf8 Author: Miroslav Grepl <mgrepl> Date: Mon Dec 9 10:54:47 2013 +0100 bumblebee wants to load nvidia modules
Description of problem: Install bumblebee, bbswitch, primus for fedora 20 from http://install.linux.ncsu.edu/pub/yum/itecs/public Additional info: reporter: libreport-2.1.10 hashmarkername: setroubleshoot kernel: 3.12.5-302.fc20.x86_64 type: libreport
Yanuar can you explain a bit better what needs to get installed on fedora 20. i have installed everyting i think shuold be installed, and it dosent follow. every time i restart the computer i get this "selinux is preventing the bumblebeed from write acces on the file bbswitch" , /usr/sbin/bumblebeed
selinux-policy-3.12.1-116.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/selinux-policy-3.12.1-116.fc20
Package selinux-policy-3.12.1-116.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.12.1-116.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-0806/selinux-policy-3.12.1-116.fc20 then log in and leave karma (feedback).
selinux-policy-3.12.1-116.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
SELinux is preventing /usr/sbin/bumblebeed from 'write' accesses on the file bbswitch. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that bumblebeed should be allowed write access on the bbswitch file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep bumblebeed /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:bumblebee_t:s0 Target Context system_u:object_r:proc_t:s0 Target Objects bbswitch [ file ] Source bumblebeed Source Path /usr/sbin/bumblebeed Port <Unknown> Host (removed) Source RPM Packages bumblebee-3.2.1-4.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-119.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.12.8-300.fc20.x86_64 #1 SMP Thu Jan 16 01:07:50 UTC 2014 x86_64 x86_64 Alert Count 1 First Seen 2014-01-23 15:39:55 CET Last Seen 2014-01-23 15:39:55 CET Local ID 52549042-7511-4bb6-a265-b6826c20ec24 Raw Audit Messages type=AVC msg=audit(1390487995.948:382): avc: denied { write } for pid=492 comm="bumblebeed" name="bbswitch" dev="proc" ino=4026532372 scontext=system_u:system_r:bumblebee_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file type=SYSCALL msg=audit(1390487995.948:382): arch=x86_64 syscall=open success=yes exit=ENXIO a0=409895 a1=241 a2=1b6 a3=22 items=0 ppid=1 pid=492 auid=4294967295 uid=0 gid=1001 euid=0 suid=0 fsuid=0 egid=1001 sgid=1001 fsgid=1001 ses=4294967295 tty=(none) comm=bumblebeed exe=/usr/sbin/bumblebeed subj=system_u:system_r:bumblebee_t:s0 key=(null) Hash: bumblebeed,bumblebee_t,proc_t,file,write
same here still: SELinux is preventing /usr/sbin/bumblebeed from write access on the file bbswitch. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that bumblebeed should be allowed write access on the bbswitch file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep bumblebeed /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:bumblebee_t:s0 Target Context system_u:object_r:proc_t:s0 Target Objects bbswitch [ file ] Source bumblebeed Source Path /usr/sbin/bumblebeed Port <Unknown> Host <Unknown> Source RPM Packages bumblebee-3.2.1-4.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-119.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name lianxiang.the-loeki.net Platform Linux lianxiang.the-loeki.net 3.12.9-301.fc20.x86_64 #1 SMP Wed Jan 29 15:56:22 UTC 2014 x86_64 x86_64 Alert Count 11 First Seen 2014-02-06 10:28:04 CET Last Seen 2014-02-08 12:12:12 CET Local ID 61ea4377-0310-490c-b83f-69437ad2f3dc Raw Audit Messages type=AVC msg=audit(1391857932.475:19): avc: denied { write } for pid=475 comm="bumblebeed" name="bbswitch" dev="proc" ino=4026532369 scontext=system_u:system_r:bumblebee_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file type=SYSCALL msg=audit(1391857932.475:19): arch=x86_64 syscall=open success=yes exit=EIO a0=409895 a1=241 a2=1b6 a3=22 items=0 ppid=1 pid=475 auid=4294967295 uid=0 gid=1001 euid=0 suid=0 fsuid=0 egid=1001 sgid=1001 fsgid=1001 ses=4294967295 tty=(none) comm=bumblebeed exe=/usr/sbin/bumblebeed subj=system_u:system_r:bumblebee_t:s0 key=(null) Hash: bumblebeed,bumblebee_t,proc_t,file,write
Verifying this annoying problem: SELinux is preventing /usr/sbin/bumblebeed from 'write' accesses on the file bbswitch. ***** Plugin catchall (100. confidence) suggests ************************** If sie denken, dass es bumblebeed standardmässig erlaubt sein sollte, write Zugriff auf bbswitch file zu erhalten. Then sie sollten dies als Fehler melden. Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen. Do zugriff jetzt erlauben, indem Sie die nachfolgenden Befehle ausführen: # grep bumblebeed /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:bumblebee_t:s0 Target Context system_u:object_r:proc_t:s0 Target Objects bbswitch [ file ] Source bumblebeed Source Path /usr/sbin/bumblebeed Port <Unknown> Host (removed) Source RPM Packages bumblebee-3.2.1-4.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-119.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.12.9-301.fc20.x86_64 #1 SMP Wed Jan 29 15:56:22 UTC 2014 x86_64 x86_64 Alert Count 1 First Seen 2014-02-09 15:30:29 CET Last Seen 2014-02-09 15:30:29 CET Local ID d26ee5e4-f410-4ac8-b132-dc5b0017eba4 Raw Audit Messages type=AVC msg=audit(1391956229.265:27): avc: denied { write } for pid=647 comm="bumblebeed" name="bbswitch" dev="proc" ino=4026532316 scontext=system_u:system_r:bumblebee_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file type=SYSCALL msg=audit(1391956229.265:27): arch=x86_64 syscall=open success=yes exit=EIO a0=409895 a1=241 a2=1b6 a3=22 items=0 ppid=1 pid=647 auid=4294967295 uid=0 gid=1001 euid=0 suid=0 fsuid=0 egid=1001 sgid=1001 fsgid=1001 ses=4294967295 tty=(none) comm=bumblebeed exe=/usr/sbin/bumblebeed subj=system_u:system_r:bumblebee_t:s0 key=(null) Hash: bumblebeed,bumblebee_t,proc_t,file,write