The following custom module: - ---------- policy_module(MYLOCAL_localtweaks,1.4.0) #*************** # No idea what's causing all these ;haven't submitted bugs #*************** require { type system_cronjob_t; type staff_screen_t; } #============= staff_screen_t ============== # userdom_user_home_content_filetrans(staff_screen_t) #============= system_cronjob_t ============== antivirus_domain_template(system_cronjob_t) - ----------- makes normally: + /usr/bin/make -f /usr/share/selinux/devel/Makefile Compiling targeted MYLOCAL_localtweaks module /usr/bin/checkmodule: loading policy configuration from tmp/MYLOCAL_localtweaks.tmp /usr/bin/checkmodule: policy configuration loaded /usr/bin/checkmodule: writing binary representation (version 17) to tmp/MYLOCAL_localtweaks.mod Creating targeted MYLOCAL_localtweaks.pp policy package rm tmp/MYLOCAL_localtweaks.mod tmp/MYLOCAL_localtweaks.mod.fc but can't load: + /usr/sbin/semodule -i MYLOCAL_localtweaks.pp libsepol.expand_terule_helper: conflicting TE rule for (system_cronjob_t, var_log_t:file): old was antivirus_log_t, new is cron_log_t libsepol.expand_module: Error during expand libsemanage.semanage_expand_sandbox: Expand module failed /usr/sbin/semodule: Failed! I made this module because of the following AVCs: type=USER_AVC msg=audit(1443906301.615:122467): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: received policyload notice (seqno=16) exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?' type=AVC msg=audit(1443911633.802:123239): avc: denied { write } for pid=18998 comm="clamav-notify-s" name="clamd.sock" dev="tmpfs" ino=18731 scontext=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 tcontext=system_u:object_r:antivirus_var_run_t:s0 tclass=sock_file permissive=0 which I don't know what's causing them, *shrug*.
Sorry, problem *loading*; the compilation goes fine.
Sorry, I forgot the important bit: the rule that's breaking was generated by audit2allow
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.