Hide Forgot
Description of problem: The AVC occured at boot. Problably after an upgrade of the system. SELinux is preventing openct-control from using the 'wake_alarm' capabilities. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that openct-control should have the wake_alarm capability by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'openct-control' --raw | audit2allow -M my-openctcontrol # semodule -X 300 -i my-openctcontrol.pp Additional Information: Source Context system_u:system_r:openct_t:s0 Target Context system_u:system_r:openct_t:s0 Target Objects Unknown [ capability2 ] Source openct-control Source Path openct-control Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-191.19.fc24.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.8.4-200.fc24.x86_64 #1 SMP Tue Oct 25 13:06:04 UTC 2016 x86_64 x86_64 Alert Count 1 First Seen 2016-11-03 12:22:14 CET Last Seen 2016-11-03 12:22:14 CET Local ID 7c5a02fc-c7ca-4f95-bad3-9ba8f85b4f2d Raw Audit Messages type=AVC msg=audit(1478172134.437:134): avc: denied { wake_alarm } for pid=1627 comm="openct-control" capability=35 scontext=system_u:system_r:openct_t:s0 tcontext=system_u:system_r:openct_t:s0 tclass=capability2 permissive=0 Hash: openct-control,openct_t,openct_t,capability2,wake_alarm Version-Release number of selected component: selinux-policy-3.13.1-191.19.fc24.noarch Additional info: reporter: libreport-2.7.2 hashmarkername: setroubleshoot kernel: 4.8.4-200.fc24.x86_64 type: libreport
Probably due to a kernel update, from kernel-4.7.9-200.fc24.x86_64 to kernel-4.8.4-200.fc24.x86_64.
selinux-policy-3.13.1-191.21.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-abb3ede5d5
selinux-policy-3.13.1-191.21.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-abb3ede5d5
selinux-policy-3.13.1-191.21.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.