Description of problem: SELinux is preventing /usr/bin/Xorg from 'getattr' accesses on the chr_file /dev/dri/card1. ***** Plugin catchall (100. confidence) suggests ************************** If 您确定应默认允许 Xorg getattr 访问 card1 chr_file。 Then 您应该将这个情况作为 bug 报告。 您可以生成本地策略模块允许这个访问。 Do 请执行以下命令此时允许这个访问: # grep Xorg /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:bumblebee_t:s0 Target Context system_u:object_r:dri_device_t:s0 Target Objects /dev/dri/card1 [ chr_file ] Source Xorg Source Path /usr/bin/Xorg Port <Unknown> Host (removed) Source RPM Packages xorg-x11-server-Xorg-1.14.4-5.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-106.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.12.5-302.fc20.x86_64 #1 SMP Tue Dec 17 20:42:32 UTC 2013 x86_64 x86_64 Alert Count 1 First Seen 2013-12-22 17:51:19 CST Last Seen 2013-12-22 17:51:19 CST Local ID 492a918c-61b5-4762-b740-7f77384db8e5 Raw Audit Messages type=AVC msg=audit(1387705879.890:1179): avc: denied { getattr } for pid=5456 comm="Xorg" path="/dev/dri/card1" dev="devtmpfs" ino=25454 scontext=system_u:system_r:bumblebee_t:s0 tcontext=system_u:object_r:dri_device_t:s0 tclass=chr_file type=SYSCALL msg=audit(1387705879.890:1179): arch=x86_64 syscall=fstat success=yes exit=0 a0=11 a1=7fff645c1f10 a2=7fff645c1f10 a3=0 items=0 ppid=4731 pid=5456 auid=4294967295 uid=0 gid=1001 euid=0 suid=0 fsuid=0 egid=1001 sgid=1001 fsgid=1001 ses=4294967295 tty=(none) comm=Xorg exe=/usr/bin/Xorg subj=system_u:system_r:bumblebee_t:s0 key=(null) Hash: Xorg,bumblebee_t,dri_device_t,chr_file,getattr Additional info: reporter: libreport-2.1.10 hashmarkername: setroubleshoot kernel: 3.12.5-302.fc20.x86_64 type: libreport
Should bumblebee be running Xorg as bumblebee_t?
(In reply to Daniel Walsh from comment #1) > Should bumblebee be running Xorg as bumblebee_t? No. and I don't know bumblebee not when update or other. bumblebee not work now when update kernel 3.12.5-302.fc20.x86_64 and update sudo yum history info 932 已加载插件:fastestmirror, langpacks 事务 ID: 932 起始时间 : Tue Dec 24 16:28:27 2013 启动 RPM 数据库 : 2526:33d1b51c69cd24b1326a896533178afb7ef50d61 结束时间 : 16:31:09 2013 (162 秒) 结束 RPM 数据库 : 2527:e6855d7cfffb7a5b890203c926ca1c41820c7f19 用户 : remove <remove> 返回码 : 成功 命令行 : update 事务完成属主: 已安装 rpm-4.11.1-7.fc20.x86_64 installed 更新完毕 yum-3.4.3-122.fc20.noarch @updates 已安装 yum-metadata-parser-1.1.4-9.fc20.x86_64 installed 已安装 yum-plugin-fastestmirror-1.1.31-19.fc20.noarch @updates 已变更的包: 更新完毕 autocorr-en-1:4.1.4.2-1.fc20.noarch @updates 更新 1:4.1.4.2-2.fc20.noarch @updates Loading mirror speeds from cached hostfile * fedora: mirrors.yun-idc.com * rpmfusion-free: mirror.bjtu.edu.cn * rpmfusion-free-updates: mirror.bjtu.edu.cn * rpmfusion-nonfree: mirror.bjtu.edu.cn * rpmfusion-nonfree-updates: mirror.bjtu.edu.cn * updates: mirrors.ustc.edu.cn 更新完毕 crontabs-1.11-6.20121102git.fc20.noarch @?fedora 更新 1.11-7.20130830git.fc20.noarch @updates 更新完毕 device-mapper-1.02.82-3.fc20.x86_64 @?fedora 更新 1.02.82-5.fc20.x86_64 @updates 更新完毕 device-mapper-event-1.02.82-3.fc20.x86_64 @?fedora 更新 1.02.82-5.fc20.x86_64 @updates 更新完毕 device-mapper-event-libs-1.02.82-3.fc20.x86_64 @?fedora 更新 1.02.82-5.fc20.x86_64 @updates 更新完毕 device-mapper-libs-1.02.82-3.fc20.i686 @fedora 更新完毕 device-mapper-libs-1.02.82-3.fc20.x86_64 @?fedora 更新 1.02.82-5.fc20.i686 @updates 更新 1.02.82-5.fc20.x86_64 @updates 更新完毕 libdvdnav-4.2.0-5.fc20.i686 @fedora 更新完毕 libdvdnav-4.2.0-5.fc20.x86_64 @?fedora 更新 4.2.1-1.fc20.i686 @updates 更新 4.2.1-1.fc20.x86_64 @updates 更新完毕 libdvdread-4.2.0-5.fc20.i686 @fedora 更新完毕 libdvdread-4.2.0-5.fc20.x86_64 @?fedora 更新 4.2.1-1.fc20.i686 @updates 更新 4.2.1-1.fc20.x86_64 @updates 更新完毕 libjpeg-turbo-1.3.0-1.fc20.i686 @fedora 更新完毕 libjpeg-turbo-1.3.0-1.fc20.x86_64 @?fedora 更新 1.3.0-2.fc20.i686 @updates 更新 1.3.0-2.fc20.x86_64 @updates 更新完毕 libjpeg-turbo-devel-1.3.0-1.fc20.x86_64 @?fedora 更新 1.3.0-2.fc20.x86_64 @updates 更新完毕 libreoffice-calc-1:4.1.4.2-1.fc20.x86_64 @updates 更新 1:4.1.4.2-2.fc20.x86_64 @updates 更新完毕 libreoffice-core-1:4.1.4.2-1.fc20.x86_64 @updates 更新 1:4.1.4.2-2.fc20.x86_64 @updates 更新完毕 libreoffice-draw-1:4.1.4.2-1.fc20.x86_64 @updates 更新 1:4.1.4.2-2.fc20.x86_64 @updates 更新完毕 libreoffice-graphicfilter-1:4.1.4.2-1.fc20.x86_64 @updates 更新 1:4.1.4.2-2.fc20.x86_64 @updates 更新完毕 libreoffice-impress-1:4.1.4.2-1.fc20.x86_64 @updates 更新 1:4.1.4.2-2.fc20.x86_64 @updates 更新完毕 libreoffice-math-1:4.1.4.2-1.fc20.x86_64 @updates 更新 1:4.1.4.2-2.fc20.x86_64 @updates 更新完毕 libreoffice-ogltrans-1:4.1.4.2-1.fc20.x86_64 @updates 更新 1:4.1.4.2-2.fc20.x86_64 @updates 更新完毕 libreoffice-opensymbol-fonts-1:4.1.4.2-1.fc20.noarch @updates 更新 1:4.1.4.2-2.fc20.noarch @updates 更新完毕 libreoffice-pdfimport-1:4.1.4.2-1.fc20.x86_64 @updates 更新 1:4.1.4.2-2.fc20.x86_64 @updates 更新完毕 libreoffice-ure-1:4.1.4.2-1.fc20.x86_64 @updates 更新 1:4.1.4.2-2.fc20.x86_64 @updates 更新完毕 libreoffice-writer-1:4.1.4.2-1.fc20.x86_64 @updates 更新 1:4.1.4.2-2.fc20.x86_64 @updates 更新完毕 libreoffice-xsltfilter-1:4.1.4.2-1.fc20.x86_64 @updates 更新 1:4.1.4.2-2.fc20.x86_64 @updates 更新完毕 libselinux-2.1.13-19.fc20.i686 @fedora 更新完毕 libselinux-2.1.13-19.fc20.x86_64 @?fedora 更新 2.2.1-4.fc20.i686 @updates 更新 2.2.1-4.fc20.x86_64 @updates 更新完毕 libselinux-devel-2.1.13-19.fc20.x86_64 @?fedora 更新 2.2.1-4.fc20.x86_64 @updates 更新完毕 libselinux-python-2.1.13-19.fc20.x86_64 @?fedora 更新 2.2.1-4.fc20.x86_64 @updates 更新完毕 libselinux-utils-2.1.13-19.fc20.x86_64 @?fedora 更新 2.2.1-4.fc20.x86_64 @updates 更新完毕 libsmbclient-2:4.1.2-1.fc20.x86_64 @updates 更新 2:4.1.3-2.fc20.x86_64 @updates 更新完毕 libtiff-4.0.3-12.fc20.i686 @fedora 更新完毕 libtiff-4.0.3-12.fc20.x86_64 @?fedora 更新 4.0.3-14.fc20.i686 @updates 更新 4.0.3-14.fc20.x86_64 @updates 更新完毕 libtiff-devel-4.0.3-12.fc20.x86_64 @?fedora 更新 4.0.3-14.fc20.x86_64 @updates 更新完毕 libwbclient-2:4.1.2-1.fc20.x86_64 @updates 更新 2:4.1.3-2.fc20.x86_64 @updates 更新完毕 lvm2-2.02.103-3.fc20.x86_64 @?fedora 更新 2.02.103-5.fc20.x86_64 @updates 更新完毕 lvm2-libs-2.02.103-3.fc20.x86_64 @?fedora 更新 2.02.103-5.fc20.x86_64 @updates 更新完毕 mesa-dri-drivers-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-filesystem-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libEGL-9.2.4-1.20131128.fc20.i686 @updates 更新完毕 mesa-libEGL-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.i686 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libEGL-devel-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libGL-9.2.4-1.20131128.fc20.i686 @updates 更新完毕 mesa-libGL-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.i686 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libGL-devel-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libGLES-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libGLES-devel-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libOSMesa-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libOSMesa-devel-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libgbm-9.2.4-1.20131128.fc20.i686 @updates 更新完毕 mesa-libgbm-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.i686 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libgbm-devel-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libglapi-9.2.4-1.20131128.fc20.i686 @updates 更新完毕 mesa-libglapi-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.i686 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libwayland-egl-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libwayland-egl-devel-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 更新完毕 mesa-libxatracker-9.2.4-1.20131128.fc20.x86_64 @updates
更新完毕 mesa-vdpau-drivers-9.2.4-1.20131128.fc20.x86_64 @updates 更新 9.2.5-1.20131220.fc20.x86_64 @updates 依赖安装 pcre-devel-8.33-2.fc20.1.x86_64 @fedora 更新完毕 python-fedora-0.3.32.3-3.fc20.noarch @?fedora 更新 0.3.33-1.fc20.noarch @updates 更新完毕 samba-client-2:4.1.2-1.fc20.x86_64 @updates 更新 2:4.1.3-2.fc20.x86_64 @updates 更新完毕 samba-common-2:4.1.2-1.fc20.x86_64 @updates 更新 2:4.1.3-2.fc20.x86_64 @updates 更新完毕 samba-libs-2:4.1.2-1.fc20.x86_64 @updates 更新 2:4.1.3-2.fc20.x86_64 @updates 更新完毕 samba-winbind-2:4.1.2-1.fc20.x86_64 @updates 更新 2:4.1.3-2.fc20.x86_64 @updates 更新完毕 samba-winbind-clients-2:4.1.2-1.fc20.x86_64 @updates 更新 2:4.1.3-2.fc20.x86_64 @updates 更新完毕 samba-winbind-modules-2:4.1.2-1.fc20.x86_64 @updates 更新 2:4.1.3-2.fc20.x86_64 @updates 更新完毕 turbojpeg-1.3.0-1.fc20.i686 @fedora 更新完毕 turbojpeg-1.3.0-1.fc20.x86_64 @fedora 更新 1.3.0-2.fc20.i686 @updates 更新 1.3.0-2.fc20.x86_64 @updates history info
Do you know how you did it? Do you have a local policy?
*** This bug has been marked as a duplicate of bug 1045801 ***
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days