Bug 1349045 - selinux error rebasing f23 atomic host to f24
Summary: selinux error rebasing f23 atomic host to f24
Keywords:
Status: CLOSED DUPLICATE of bug 1309075
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 24
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Miroslav Grepl
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-06-22 15:10 UTC by Micah Abbott
Modified: 2016-06-22 15:30 UTC (History)
6 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2016-06-22 15:30:49 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1309075 0 urgent CLOSED [f23] atomic updates-testing rebase selinux error 2021-02-22 00:41:40 UTC

Internal Links: 1309075

Description Micah Abbott 2016-06-22 15:10:15 UTC 
-bash-4.3# rpm-ostree status
  TIMESTAMP (UTC)         VERSION     ID             OSNAME            REFSPEC                                           
* 2016-06-20 20:15:43     23.141      e3e06c5186     fedora-atomic     fedora-atomic:fedora-atomic/f23/x86_64/docker-host
  2016-05-24 01:15:41     23.125      5668f0613e     fedora-atomic     fedora-atomic:fedora-atomic/f23/x86_64/docker-host

-bash-4.3# rpm-ostree --version
rpm-ostree 2016.1
  +compose

-bash-4.3# ostree remote add fedora-24 --set=gpg-verify=false https://dl.fedoraproject.org/pub/fedora/linux/atomic/24

-bash-4.3# rpm-ostree rebase fedora-24:fedora-atomic/24/x86_64/docker-host
error: fsetxattr: Invalid argument

-bash-4.3# ausearch -m avc -ts recent
----
time->Wed Jun 22 14:54:04 2016
type=PROCTITLE msg=audit(1466607244.037:187): proctitle="/usr/libexec/rpm-ostreed"
type=SYSCALL msg=audit(1466607244.037:187): arch=c000003e syscall=190 success=no exit=-22 a0=2b a1=7fd16c0091f1 a2=7fd16c009202 a3=30 items=0 ppid=1 pid=1286 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="pool" exe="/usr/libexec/rpm-ostreed" subj=system_u:system_r:init_t:s0 key=(null)
type=SELINUX_ERR msg=audit(1466607244.037:187): op=setxattr invalid_context="system_u:object_r:systemd_rfkill_unit_file_t:s0"
type=AVC msg=audit(1466607244.037:187): avc:  denied  { mac_admin } for  pid=1286 comm="pool" capability=33  scontext=system_u:system_r:init_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=capability2 permissive=0
----
time->Wed Jun 22 14:54:04 2016
type=PROCTITLE msg=audit(1466607244.038:188): proctitle="/usr/libexec/rpm-ostreed"
type=SYSCALL msg=audit(1466607244.038:188): arch=c000003e syscall=190 success=no exit=-22 a0=2d a1=7fd188009fa1 a2=7fd188009fb2 a3=32 items=0 ppid=1 pid=1288 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="pool" exe="/usr/libexec/rpm-ostreed" subj=system_u:system_r:init_t:s0 key=(null)
type=SELINUX_ERR msg=audit(1466607244.038:188): op=setxattr invalid_context="system_u:object_r:systemd_resolved_unit_file_t:s0"
type=AVC msg=audit(1466607244.038:188): avc:  denied  { mac_admin } for  pid=1288 comm="pool" capability=33  scontext=system_u:system_r:init_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=capability2 permissive=0
Comment 1 Micah Abbott 2016-06-22 15:30:49 UTC 

*** This bug has been marked as a duplicate of bug 1309075 ***
Note You need to log in before you can comment on or make changes to this bug.