Description of problem: Start Fedora 22 with Xen and bridge SELinux is preventing brctl from read, append access on the file /run/libvirt/network/nwfilter.leases. ***** Plugin catchall (100. confidence) suggests ************************** If вы считаете, что brctl следует разрешить доступ read append к nwfilter.leases file по умолчанию. Then рекомендуется создать отчет об ошибке. Чтобы разрешить доступ, можно создать локальный модуль политики. Do чтобы разрешить доступ, выполните: # grep brctl /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:brctl_t:s0-s0:c0.c1023 Target Context system_u:object_r:dnsmasq_var_run_t:s0 Target Objects /run/libvirt/network/nwfilter.leases [ file ] Source brctl Source Path brctl Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-128.13.fc22.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.1.6-201.fc22.x86_64 #1 SMP Fri Sep 4 17:49:24 UTC 2015 x86_64 x86_64 Alert Count 30 First Seen 2015-09-19 22:31:46 MSK Last Seen 2015-09-19 23:20:09 MSK Local ID 03e4f226-a225-479e-bcac-18f24f8120b0 Raw Audit Messages type=AVC msg=audit(1442694009.737:1080): avc: denied { read append } for pid=7686 comm="brctl" path="/run/libvirt/network/nwfilter.leases" dev="tmpfs" ino=27451 scontext=system_u:system_r:brctl_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dnsmasq_var_run_t:s0 tclass=file permissive=0 Hash: brctl,brctl_t,dnsmasq_var_run_t,file,read,append Version-Release number of selected component: selinux-policy-3.13.1-128.13.fc22.noarch Additional info: reporter: libreport-2.6.2 hashmarkername: setroubleshoot kernel: 4.1.6-201.fc22.x86_64 type: libreport Potential duplicate: bug 1178564
*** This bug has been marked as a duplicate of bug 1178564 ***