Description of problem: I was looking at a PDF in Evince when this error popped up. Probably not related. SELinux is preventing systemd from 'read' accesses on the file LoaderTimeInitUSec-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that systemd should be allowed read access on the LoaderTimeInitUSec-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'systemd' --raw | audit2allow -M my-systemd # semodule -X 300 -i my-systemd.pp Additional Information: Source Context system_u:system_r:init_t:s0 Target Context system_u:object_r:efivarfs_t:s0 Target Objects LoaderTimeInitUSec-4a67b082-0a4c-41cf-b6c7-440b29b b8c4f [ file ] Source systemd Source Path systemd Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-191.16.fc24.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.7.4-200.fc24.x86_64 #1 SMP Thu Sep 15 18:42:09 UTC 2016 x86_64 x86_64 Alert Count 1 First Seen 2016-11-19 15:25:54 EST Last Seen 2016-11-19 15:25:54 EST Local ID 974fc6a9-82c5-42ea-865a-974a1b3ff2b6 Raw Audit Messages type=AVC msg=audit(1479587154.928:431): avc: denied { read } for pid=1 comm="systemd" name="LoaderTimeInitUSec-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f" dev="efivarfs" ino=1257 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:efivarfs_t:s0 tclass=file permissive=0 Hash: systemd,init_t,efivarfs_t,file,read Version-Release number of selected component: selinux-policy-3.13.1-191.16.fc24.noarch Additional info: reporter: libreport-2.7.2 hashmarkername: setroubleshoot kernel: 4.7.4-200.fc24.x86_64 type: libreport
Description of problem: Happened while runing package updates through dnf. Version-Release number of selected component: selinux-policy-3.13.1-191.20.fc24.noarch selinux-policy-3.13.1-191.21.fc24.noarch Additional info: reporter: libreport-2.7.2 hashmarkername: setroubleshoot kernel: 4.8.7-200.fc24.x86_64 type: libreport
selinux-policy-3.13.1-191.23.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-90bd4d7d33
selinux-policy-3.13.1-191.23.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-90bd4d7d33
selinux-policy-3.13.1-191.23.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.