Description of problem: SELinux is preventing /usr/bin/plymouth from 'execute' accesses on the file /usr/bin/plymouth. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that plymouth should be allowed execute access on the plymouth file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep plymouth /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:getty_t:s0-s0:c0.c1023 Target Context system_u:object_r:plymouth_exec_t:s0 Target Objects /usr/bin/plymouth [ file ] Source plymouth Source Path /usr/bin/plymouth Port <Unknown> Host (removed) Source RPM Packages plymouth-0.8.9-6.2013.08.14.fc21.x86_64 Target RPM Packages plymouth-0.8.9-6.2013.08.14.fc21.x86_64 Policy RPM selinux-policy-3.13.1-63.fc21.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 3.16.0-0.rc3.git3.1.fc21.x86_64 #1 SMP Fri Jul 4 15:23:59 UTC 2014 x86_64 x86_64 Alert Count 1 First Seen 2014-07-11 15:11:48 IST Last Seen 2014-07-11 15:11:48 IST Local ID 3a1f25b7-6c57-4555-9d32-f2e215522103 Raw Audit Messages type=AVC msg=audit(1405071708.734:3095): avc: denied { execute } for pid=27629 comm="agetty" name="plymouth" dev="sda6" ino=22488226 scontext=system_u:system_r:getty_t:s0-s0:c0.c1023 tcontext=system_u:object_r:plymouth_exec_t:s0 tclass=file permissive=1 type=AVC msg=audit(1405071708.734:3095): avc: denied { read open } for pid=27629 comm="agetty" path="/usr/bin/plymouth" dev="sda6" ino=22488226 scontext=system_u:system_r:getty_t:s0-s0:c0.c1023 tcontext=system_u:object_r:plymouth_exec_t:s0 tclass=file permissive=1 type=AVC msg=audit(1405071708.734:3095): avc: denied { execute_no_trans } for pid=27629 comm="agetty" path="/usr/bin/plymouth" dev="sda6" ino=22488226 scontext=system_u:system_r:getty_t:s0-s0:c0.c1023 tcontext=system_u:object_r:plymouth_exec_t:s0 tclass=file permissive=1 type=SYSCALL msg=audit(1405071708.734:3095): arch=x86_64 syscall=execve success=yes exit=0 a0=406374 a1=7fff4c3f8580 a2=7fff4c3fd030 a3=81 items=0 ppid=27628 pid=27629 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty4 ses=4294967295 comm=plymouth exe=/usr/bin/plymouth subj=system_u:system_r:getty_t:s0-s0:c0.c1023 key=(null) Hash: plymouth,getty_t,plymouth_exec_t,file,execute Version-Release number of selected component: selinux-policy-3.13.1-63.fc21.noarch Additional info: reporter: libreport-2.2.3 hashmarkername: setroubleshoot kernel: 3.16.0-0.rc4.git1.1.fc21.x86_64 type: libreport
Why is getty trying to execute plymouth?
I dont see this issue anymore.