Description of problem: SELinux is preventing tlp from 'write' accesses on the file lock_tlp. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that tlp should be allowed write access on the lock_tlp file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'tlp' --raw | audit2allow -M my-tlp # semodule -X 300 -i my-tlp.pp Additional Information: Source Context system_u:system_r:tlp_t:s0 Target Context system_u:object_r:var_run_t:s0 Target Objects lock_tlp [ file ] Source tlp Source Path tlp Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-283.14.fc27.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.13.11-300.fc27.x86_64 #1 SMP Thu Nov 2 18:20:29 UTC 2017 x86_64 x86_64 Alert Count 2 First Seen 2017-11-06 17:50:00 PST Last Seen 2017-11-06 17:50:00 PST Local ID fe05ff08-cf0e-4309-abf8-f17f69e55bf4 Raw Audit Messages type=AVC msg=audit(1510019400.859:252): avc: denied { write } for pid=2663 comm="tlp" name="lock_tlp" dev="tmpfs" ino=31656 scontext=system_u:system_r:tlp_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0 Hash: tlp,tlp_t,var_run_t,file,write Version-Release number of selected component: selinux-policy-3.13.1-283.14.fc27.noarch Additional info: component: selinux-policy reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.13.11-300.fc27.x86_64 type: libreport Potential duplicate: bug 1474389
Description of problem: Unlocked my screen. Version-Release number of selected component: selinux-policy-3.13.1-283.14.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.13.12-300.fc27.x86_64 type: libreport
selinux-policy-3.13.1-283.16.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-5178e6a393
selinux-policy-3.13.1-283.16.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-5178e6a393
selinux-policy-3.13.1-283.16.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.
Description of problem: 1. Install run `dnf install tlp` 2. Edit `/etc/defaults/tlp` 3. Change `WIFI_PWD_ON_BAT` to `WIFI_PWD_ON_BAT=off` 4. Run `systemctl restart tlp` Version-Release number of selected component: selinux-policy-3.13.1-283.17.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.13.16-300.fc27.x86_64 type: libreport
Description of problem: Installed TLP (dnf install tlp), started it (sudo tlp start) to have enhanced battery saving on my laptop. Then I received this SELinux alert if I want to trust TLP. If think TLP can be allowed to have write access, right? Version-Release number of selected component: selinux-policy-3.13.1-283.21.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.14.14-300.fc27.x86_64 type: libreport
Description of problem: I was doing nothing specifically related to TLP. Perhaps it was triggered by unlocking the screen? Version-Release number of selected component: selinux-policy-3.13.1-283.21.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.14.14-300.fc27.x86_64 type: libreport
Description of problem: When I go to AC adapter mode from battery mode or go to battery mode to AC mode then this error shows up in tlp. when I run tlp stat in terminal then this flollowing is shown: +++ Warnings * Kernel log shows ata errors (1) possibly caused by the configuration SATA_LINKPWR_ON_AC/BAT=min_power or medium_power. Consider using medium_power or max_performance instead. See the FAQ: http://linrunner.de/en/tlp/docs/tlp-faq.html#warnings Details: [ 56.375217] ata2: SError: { PHYRdyChg CommWake } [ 56.375221] ata2.00: failed command: READ FPDMA QUEUED [ 56.375229] ata2.00: cmd 60/20:68:28:14:8e/00:00:0e:00:00/40 tag 13 ncq dma 16384 in res 50/00:03:00:00:00/00:00:00:00:00/a0 Emask 0x10 (ATA bus error) [ 56.375232] ata2.00: status: { DRDY } [ 56.375237] ata2: hard resetting link Version-Release number of selected component: selinux-policy-3.13.1-283.21.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.14.16-300.fc27.x86_64 type: libreport
Description of problem: after resuming from standby Version-Release number of selected component: selinux-policy-3.13.1-259.fc26.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.14.16-300.fc27.x86_64 type: libreport
Description of problem: The error occured after setting laptop to sleep mode. Version-Release number of selected component: selinux-policy-3.13.1-283.24.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.14.16-300.fc27.x86_64 type: libreport
Description of problem: I did two things today: 1) I updated my system to the latest updates form the official repositories 2) I installed smartmontools because tlp-stat suggested me to do so Version-Release number of selected component: selinux-policy-3.13.1-283.24.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.15.3-300.fc27.x86_64 type: libreport
To fix (temporarily at least): sudo restorecon -R -v /run/tlp I don't know why the labels get lost on these files.
Description of problem: Suspended laptop and then woke it up. Version-Release number of selected component: selinux-policy-3.13.1-283.26.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.15.6-300.fc27.x86_64 type: libreport
Description of problem: Fedora 27 (SELinux installed by default) Installed TLP using dnf. > dnf install tlp Version-Release number of selected component: selinux-policy-3.13.1-283.26.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.15.6-300.fc27.x86_64 type: libreport
Description of problem: Popping up on first-boot. Version-Release number of selected component: selinux-policy-3.13.1-283.26.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.15.9-300.fc27.x86_64 type: libreport
Description of problem: Steps: - Install Fedora - Install TLP - Put laptop to sleep - Wake laptop up - SELinux notification with alert appers Laptop: HP Probook G4 Version-Release number of selected component: selinux-policy-3.13.1-283.28.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.15.10-300.fc27.x86_64 type: libreport
*** Bug 1564660 has been marked as a duplicate of this bug. ***
*** Bug 1564722 has been marked as a duplicate of this bug. ***
Description of problem: I installed tlp, then started getting selinux alerts. I did not change any configurations after install. I am using a thinkpad t450s. Version-Release number of selected component: selinux-policy-3.13.1-283.30.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.15.12-301.fc27.x86_64 type: libreport
(In reply to zach.jorgey7 from comment #19) > Description of problem: > I installed tlp, then started getting selinux alerts. I did not change any > configurations after install. I am using a thinkpad t450s. > > Version-Release number of selected component: > selinux-policy-3.13.1-283.30.fc27.noarch > > Additional info: > reporter: libreport-2.9.3 > hashmarkername: setroubleshoot > kernel: 4.15.12-301.fc27.x86_64 > type: libreport problem still persist, same symptom and environment (selinux-policy-3.13.1-283.30.fc27)
Description of problem: After booting I got the denial shown. When applying the proposed solution, I get another denial for the process flock which also tries to lock this file Version-Release number of selected component: selinux-policy-3.13.1-283.30.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.15.17-300.fc27.x86_64 type: libreport
Description of problem: I installed TLP and got this warning from SETroubleshoot. Version-Release number of selected component: selinux-policy-3.13.1-283.34.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.15.17-300.fc27.x86_64 type: libreport
Description of problem: On wake-up error message came up. Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.16.5-200.fc27.x86_64 type: libreport
With selinux-policy-3.13.1-283.34.fc27.noarch the problem still exists. So I reopen the bug.
*** This bug has been marked as a duplicate of bug 1586329 ***
this bug already state on F28 and always tlp service faild in bootup.