Description of problem: when executing bumblebee in a dell XPS15 with nvidia GeForce GT 750M/PCIe/SSE2 and with intel 4th Gen Core Processor Integrated Graphics Controller en i7 (hashwell) SELinux is preventing /usr/bin/kmod from 'execute' accesses on the file /usr/bin/kmod. ***** Plugin catchall (100. confidence) suggests ************************** If cree que de manera predeterminada, kmod debería permitir acceso execute sobre kmod file. Then debería reportar esto como un error. Puede generar un módulo de política local para permitir este acceso. Do permita el acceso momentáneamente executando: # grep rmmod /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:bumblebee_t:s0 Target Context system_u:object_r:insmod_exec_t:s0 Target Objects /usr/bin/kmod [ file ] Source rmmod Source Path /usr/bin/kmod Port <Unknown> Host (removed) Source RPM Packages kmod-15-1.fc20.x86_64 Target RPM Packages kmod-15-1.fc20.x86_64 Policy RPM selinux-policy-3.12.1-105.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.11.10-300.fc20.x86_64 #1 SMP Fri Nov 29 19:16:48 UTC 2013 x86_64 x86_64 Alert Count 1 First Seen 2013-12-11 18:13:06 CET Last Seen 2013-12-11 18:13:06 CET Local ID cc3bdbff-8aae-448d-8c2e-2139c2442670 Raw Audit Messages type=AVC msg=audit(1386781986.938:1191): avc: denied { execute } for pid=13913 comm="bumblebeed" name="kmod" dev="sda4" ino=173607 scontext=system_u:system_r:bumblebee_t:s0 tcontext=system_u:object_r:insmod_exec_t:s0 tclass=file type=AVC msg=audit(1386781986.938:1191): avc: denied { read open } for pid=13913 comm="bumblebeed" path="/usr/bin/kmod" dev="sda4" ino=173607 scontext=system_u:system_r:bumblebee_t:s0 tcontext=system_u:object_r:insmod_exec_t:s0 tclass=file type=AVC msg=audit(1386781986.938:1191): avc: denied { execute_no_trans } for pid=13913 comm="bumblebeed" path="/usr/bin/kmod" dev="sda4" ino=173607 scontext=system_u:system_r:bumblebee_t:s0 tcontext=system_u:object_r:insmod_exec_t:s0 tclass=file type=SYSCALL msg=audit(1386781986.938:1191): arch=x86_64 syscall=execve success=yes exit=0 a0=7fffa7d69ff8 a1=7fffa7d6a0f0 a2=7fffa7d6a738 a3=7fd36a449a10 items=0 ppid=502 pid=13913 auid=4294967295 uid=0 gid=1001 euid=0 suid=0 fsuid=0 egid=1001 sgid=1001 fsgid=1001 ses=4294967295 tty=(none) comm=rmmod exe=/usr/bin/kmod subj=system_u:system_r:bumblebee_t:s0 key=(null) Hash: rmmod,bumblebee_t,insmod_exec_t,file,execute Additional info: reporter: libreport-2.1.9 hashmarkername: setroubleshoot kernel: 3.11.10-300.fc20.x86_64 type: libreport
Has been fixed.
selinux-policy-3.12.1-116.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/selinux-policy-3.12.1-116.fc20
Package selinux-policy-3.12.1-116.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.12.1-116.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-0806/selinux-policy-3.12.1-116.fc20 then log in and leave karma (feedback).
selinux-policy-3.12.1-116.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.