Description of problem: 1. (as normal user in a terminal) issue: ulimit -c unlimited 2. compile a programs that abort()s 3. run it -> terminal output reads: quit (core dumped) ./a.out actual result: no core file available in the CWD expected result: a core file in the CWD System jounal contains the AVC regarding getattr being denied. Also: abrt-hook-ccpp[7370]: getpidcon_raw(7368): Permission denied cat /proc/sys/kernel/core_pattern |/usr/libexec/abrt-hook-ccpp %s %c %p %u %g %t %e %P %I SELinux is preventing abrt-hook-ccpp from using the 'getattr' accesses on a process. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that abrt-hook-ccpp should be allowed getattr access on processes labeled unconfined_t by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep abrt-hook-ccpp /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:abrt_dump_oops_t:s0 Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023 Target Objects Unknown [ process ] Source abrt-hook-ccpp Source Path abrt-hook-ccpp Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-154.fc23.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.2.5-300.fc23.x86_64 #1 SMP Tue Oct 27 04:29:56 UTC 2015 x86_64 x86_64 Alert Count 1 First Seen 2015-11-14 15:38:42 CET Last Seen 2015-11-14 15:38:42 CET Local ID e673ce59-b726-46e6-9e5b-a4c056f78e94 Raw Audit Messages type=AVC msg=audit(1447511922.821:724): avc: denied { getattr } for pid=7370 comm="abrt-hook-ccpp" scontext=system_u:system_r:abrt_dump_oops_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process permissive=0 Hash: abrt-hook-ccpp,abrt_dump_oops_t,unconfined_t,process,getattr Version-Release number of selected component: selinux-policy-3.13.1-154.fc23.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.5-300.fc23.x86_64 type: libreport
selinux-policy-3.13.1-155.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-0d84d6c75f
selinux-policy-3.13.1-155.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with $ su -c 'dnf --enablerepo=updates-testing update selinux-policy' You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-0d84d6c75f
selinux-policy-3.13.1-155.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.