Description of problem: SELinux is preventing dnssec-trigger- from 'create' accesses on the lnk_file resolv.conf. ***** Plugin catchall_labels (83.8 confidence) suggests ******************* If you want to allow dnssec-trigger- to have create access on the resolv.conf lnk_file Then należy zmienić etykietę resolv.conf Do # semanage fcontext -a -t FILE_TYPE 'resolv.conf' where FILE_TYPE is one of the following: dnssec_trigger_var_run_t, net_conf_t. Then execute: restorecon -v 'resolv.conf' ***** Plugin catchall (17.1 confidence) suggests ************************** If aby dnssec-trigger- powinno mieć domyślnie create dostęp do resolv.conf lnk_file. Then proszę to zgłosić jako błąd. Można utworzyć lokalny moduł polityki, aby umożliwić ten dostęp. Do allow this access for now by executing: # ausearch -c 'dnssec-trigger-' --raw | audit2allow -M my-dnssectrigger # semodule -X 300 -i my-dnssectrigger.pp Additional Information: Source Context system_u:system_r:dnssec_trigger_t:s0 Target Context system_u:object_r:etc_t:s0 Target Objects resolv.conf [ lnk_file ] Source dnssec-trigger- Source Path dnssec-trigger- Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-191.5.fc24.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.6.4-301.fc24.x86_64 #1 SMP Tue Jul 12 11:50:00 UTC 2016 x86_64 x86_64 Alert Count 1 First Seen 2016-07-28 16:28:16 CEST Last Seen 2016-07-28 16:28:16 CEST Local ID 942d4ba5-0f0d-4774-ab06-cfdc3160a7af Raw Audit Messages type=AVC msg=audit(1469716096.972:541): avc: denied { create } for pid=9962 comm="dnssec-trigger-" name="resolv.conf" scontext=system_u:system_r:dnssec_trigger_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=lnk_file permissive=0 Hash: dnssec-trigger-,dnssec_trigger_t,etc_t,lnk_file,create Version-Release number of selected component: selinux-policy-3.13.1-191.5.fc24.noarch Additional info: reporter: libreport-2.7.2 hashmarkername: setroubleshoot kernel: 4.6.4-301.fc24.x86_64 type: libreport
You moved all the bugs to modified, could you please tell me, what is the version supposed to be fixing the issue?
Yes, selinux-policy-3.13.1-191.16.fc24
selinux-policy-3.13.1-191.16.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe39b806b6
selinux-policy-3.13.1-191.16.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe39b806b6
selinux-policy-3.13.1-191.16.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.