Description of problem: This happened at login when I rebooted after installing version 358.16 of nvidia. This forces cinnamon into fallback mode. SELinux is preventing cinnamon from read, write access on the chr_file nvidiactl. ***** Plugin device (91.4 confidence) suggests **************************** If you want to allow cinnamon to have read write access on the nvidiactl chr_file Then you need to change the label on nvidiactl to a type of a similar device. Do # semanage fcontext -a -t SIMILAR_TYPE 'nvidiactl' # restorecon -v 'nvidiactl' ***** Plugin catchall (9.59 confidence) suggests ************************** If you believe that cinnamon should be allowed read write access on the nvidiactl chr_file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep cinnamon /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context staff_u:staff_r:staff_t:s0-s0:c0.c1023 Target Context system_u:object_r:device_t:s0 Target Objects nvidiactl [ chr_file ] Source cinnamon Source Path cinnamon Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-128.18.fc22.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.2.6-200.fc22.x86_64 #1 SMP Tue Nov 10 16:45:19 UTC 2015 x86_64 x86_64 Alert Count 11 First Seen 2015-11-25 15:52:59 PST Last Seen 2015-12-01 13:43:49 PST Local ID 54c7f84c-baae-4fc1-ba14-10290dabcdcf Raw Audit Messages type=AVC msg=audit(1449006229.32:631): avc: denied { read write } for pid=2465 comm="cinnamon" name="nvidiactl" dev="devtmpfs" ino=18142 scontext=staff_u:staff_r:staff_t:s0-s0:c0.c1023 tcontext=system_u:object_r:device_t:s0 tclass=chr_file permissive=0 Hash: cinnamon,staff_t,device_t,chr_file,read,write Version-Release number of selected component: selinux-policy-3.13.1-128.18.fc22.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.6-200.fc22.x86_64 type: libreport Potential duplicate: bug 1199367
How is labeled /dev/nvidiactl now? ls -Z /dev/nvidiactl
Oops, sorry for the delay. Everything nvidia-related is xserver_misc_device_t. crw-rw-rw-. 1 root root system_u:object_r:xserver_misc_device_t:s0 195, 0 Dec 22 16:36 /dev/nvidia0 crw-rw-rw-. 1 root root system_u:object_r:xserver_misc_device_t:s0 195, 255 Dec 22 16:36 /dev/nvidiactl crw-rw-rw-. 1 root root system_u:object_r:xserver_misc_device_t:s0 195, 254 Dec 22 16:36 /dev/nvidia-modeset
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.