Description of problem: SELinux is preventing groupadd from 'write' accesses on the sock_file system_bus_socket. ***** Plugin catchall (100. confidence) suggests ************************** If aby groupadd powinno mieć domyślnie write dostęp do system_bus_socket sock_file. Then proszę to zgłosić jako błąd. Można utworzyć lokalny moduł polityki, aby umożliwić ten dostęp. Do allow this access for now by executing: # ausearch -c 'groupadd' --raw | audit2allow -M my-groupadd # semodule -X 300 -i my-groupadd.pp Additional Information: Source Context unconfined_u:unconfined_r:groupadd_t:s0-s0:c0.c102 3 Target Context system_u:object_r:system_dbusd_var_run_t:s0 Target Objects system_bus_socket [ sock_file ] Source groupadd Source Path groupadd Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-235.fc26.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.9.5-200.fc25.x86_64 #1 SMP Fri Jan 20 12:24:16 UTC 2017 x86_64 x86_64 Alert Count 1 First Seen 2017-01-26 11:30:21 CET Last Seen 2017-01-26 11:30:21 CET Local ID 07136070-4926-45c2-a887-018b6db78615 Raw Audit Messages type=AVC msg=audit(1485426621.425:306): avc: denied { write } for pid=19372 comm="groupadd" name="system_bus_socket" dev="tmpfs" ino=21126 scontext=unconfined_u:unconfined_r:groupadd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:system_dbusd_var_run_t:s0 tclass=sock_file permissive=0 Hash: groupadd,groupadd_t,system_dbusd_var_run_t,sock_file,write Version-Release number of selected component: selinux-policy-3.13.1-235.fc26.noarch Additional info: component: selinux-policy reporter: libreport-2.9.0 hashmarkername: setroubleshoot kernel: 4.10.0-0.rc5.git1.1.fc26.x86_64 type: libreport
This bug appears to have been reported against 'rawhide' during the Fedora 26 development cycle. Changing version to '26'.
Description of problem: installing Docker hosting on a Fedora 26 virtual machine, hosted on Fedora 25 Virtual Machine Manager Version-Release number of selected component: selinux-policy-3.13.1-241.fc26.noarch Additional info: reporter: libreport-2.9.0 hashmarkername: setroubleshoot kernel: 4.11.0-0.rc0.git9.1.fc26.x86_64 type: libreport
Description of problem: I ran: sudo dnf group install 'C Development Tools and Libraries' Following packages were installed: bison.x86_64 3.0.4-6.fc26 byacc.x86_64 1.9.20170201-1.fc26 ccache.x86_64 3.3.4-1.fc26 cscope.x86_64 15.8b-4.fc26 ctags.x86_64 5.8-19.fc26 flex.x86_64 2.6.1-3.fc26 ltrace.x86_64 0.7.91-22.fc26 oprofile.x86_64 1.1.0-5.fc26 strace.x86_64 4.16-1.fc26 valgrind.x86_64 1:3.12.0-7.fc26 xemacs-filesystem.noarch 21.5.34-22.20170124hgf412e9f093d4.fc26 While installing them, this SELinux issue was triggered. Version-Release number of selected component: selinux-policy-3.13.1-249.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.0-0.rc6.git0.1.fc26.x86_64 type: libreport
*** Bug 1442713 has been marked as a duplicate of this bug. ***
*** Bug 1442786 has been marked as a duplicate of this bug. ***
selinux-policy-3.13.1-251.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-f36794dd98
selinux-policy-3.13.1-251.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-f36794dd98
selinux-policy-3.13.1-251.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.