Description of problem: Start of the virtual machine fails Version-Release number of selected component (if applicable): systemd-231-10.fc25.x86_64 selinux-policy-3.13.1-225.fc25.noarch virt-manager-1.4.0-4.fc25.noarch How reproducible: always Steps to Reproduce: 1. Try to start virtual machine in virt-manager Actual results: Errors below, USER_AVCs Expected results: Running virtual machine Additional info: ### Error from virt-manager: Error starting domain: SELinux policy denies access. Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/asyncjob.py", line 88, in cb_wrapper callback(asyncjob, *args, **kwargs) File "/usr/share/virt-manager/virtManager/asyncjob.py", line 124, in tmpcb callback(*args, **kwargs) File "/usr/share/virt-manager/virtManager/libvirtobject.py", line 83, in newfn ret = fn(self, *args, **kwargs) File "/usr/share/virt-manager/virtManager/domain.py", line 1404, in startup self._backend.create() File "/usr/lib64/python2.7/site-packages/libvirt.py", line 1035, in create if ret == -1: raise libvirtError ('virDomainCreate() failed', dom=self) libvirtError: SELinux policy denies access. ### AVCs: ---- time->Thu Dec 1 14:44:10 2016 type=USER_AVC msg=audit(1480599850.217:4718): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { start } for auid=n/a uid=0 gid=0 path="/run/systemd/transient/machine-qemu\x2d4\x2dfedora26.scope" cmdline="/usr/lib/systemd/systemd-machined" scontext=system_u:system_r:systemd_machined_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=service exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?' ---- time->Thu Dec 1 14:51:04 2016 type=USER_AVC msg=audit(1480600264.196:4790): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { start } for auid=n/a uid=0 gid=0 path="/run/systemd/transient/machine-qemu\x2d6\x2drhel6.8.scope" cmdline="/usr/lib/systemd/systemd-machined" scontext=system_u:system_r:systemd_machined_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=service exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
I'm seeing the same issue. (I've reverted to selinux-policy-3.13.1-224.fc25.noarch.)
Saw the same regression. Had to roll back to selinux-policy-3.13.1-224.fc25.noarch. Not sure why this has been marked as fixed in 3.13.1-225.fc25 when that was the version that introduced the error.
(In reply to Robert Hancock from comment #2) > Saw the same regression. Had to roll back to > selinux-policy-3.13.1-224.fc25.noarch. Not sure why this has been marked as > fixed in 3.13.1-225.fc25 when that was the version that introduced the error. Note the 225.1 in the "selinux-policy-3.13.1-225.1.fc25"
selinux-policy-3.13.1-225.1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-e3864b8972
Confirming selinux-policy-3.13.1-225.1.fc25 fixes the issue for me.
selinux-policy-3.13.1-225.1.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-e3864b8972
selinux-policy-3.13.1-225.1.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.