Description of problem: SELinux is preventing (tor) from mounton access on the directory /run/tor. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that (tor) should be allowed mounton access on the tor directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c '(tor)' --raw | audit2allow -M my-tor # semodule -X 300 -i my-tor.pp Additional Information: Source Context system_u:system_r:init_t:s0 Target Context system_u:object_r:tor_var_run_t:s0 Target Objects /run/tor [ dir ] Source (tor) Source Path (tor) Port <Unknown> Host argon Source RPM Packages Target RPM Packages tor-0.2.7.6-6.fc24.x86_64 Policy RPM selinux-policy-3.13.1-191.12.fc24.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name argon Platform Linux argon 4.6.6-300.fc24.x86_64 #1 SMP Wed Aug 10 21:07:35 UTC 2016 x86_64 x86_64 Alert Count 7683 First Seen 2016-08-23 00:46:04 CEST Last Seen 2016-08-23 22:44:19 CEST Local ID 886dcb45-1e8b-410e-afeb-263bba6691ac Raw Audit Messages type=AVC msg=audit(1471985059.894:26186): avc: denied { mounton } for pid=3861 comm="(tor)" path="/run/tor" dev="tmpfs" ino=17042 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:tor_var_run_t:s0 tclass=dir permissive=0 Hash: (tor),init_t,tor_var_run_t,dir,mounton # ls -laZ /run/tor total 0 drwxr-x---. 2 toranon toranon system_u:object_r:tor_var_run_t:s0 40 ago 23 09:31 . drwxr-xr-x. 45 root root system_u:object_r:var_run_t:s0 1320 ago 23 10:31 .. # ls -laZ /usr/bin/tor -rwxr-xr-x. 1 root root system_u:object_r:tor_exec_t:s0 2296304 feb 5 2016 /usr/bin/tor Additional info: # rpm -q tor tor-0.2.7.6-6.fc24.x86_64 # rpm -q selinux-policy selinux-policy-3.13.1-191.12.fc24.noarch
SELinux is preventing (tor) from mounton access on the directory /run/tor. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that (tor) should be allowed mounton access on the tor directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c '(tor)' --raw | audit2allow -M my-tor # semodule -X 300 -i my-tor.pp
SELinux is preventing (tor) from mounton access on the directory /run/tor. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that (tor) should be allowed mounton access on the tor directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c '(tor)' --raw | audit2allow -M my-tor # semodule -X 300 -i my-tor.pp Additional Information: Source Context system_u:system_r:init_t:s0 Target Context system_u:object_r:tor_var_run_t:s0 Target Objects /run/tor [ dir ] Source (tor) Source Path (tor) Port Host localhost.localdomain Source RPM Packages Target RPM Packages tor-0.2.7.6-6.fc24.x86_64 Policy RPM selinux-policy-3.13.1-191.13.fc24.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name localhost.localdomain Platform Linux localhost.localdomain 4.6.7-300.fc24.x86_64 #1 SMP Wed Aug 17 18:48:43 UTC 2016 x86_64 x86_64 Alert Count 30 First Seen 2016-08-28 23:39:19 PDT Last Seen 2016-08-31 06:51:10 PDT Local ID 91be2f81-508f-455a-bd33-e0cdabf3173a Raw Audit Messages type=AVC msg=audit(1472651470.375:264): avc: denied { mounton } for pid=3273 comm="(tor)" path="/run/tor" dev="tmpfs" ino=23655 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:tor_var_run_t:s0 tclass=dir permissive=0 Hash: (tor),init_t,tor_var_run_t,dir,mounton
*** This bug has been marked as a duplicate of bug 1357395 ***