Description of problem: SELinux is preventing worker from 'read' accesses on the файл /home/evgeniy/.cache/gnome-boxes/winxp-unattended.img. ***** Plugin catchall (100. confidence) suggests ************************** If вы считаете, что worker следует разрешить доступ read к winxp-unattended.img file по умолчанию. Then рекомендуется создать отчет об ошибке. Чтобы разрешить доступ, можно создать локальный модуль политики. Do allow this access for now by executing: # ausearch -c 'worker' --raw | audit2allow -M my-worker # semodule -X 300 -i my-worker.pp Additional Information: Source Context unconfined_u:unconfined_r:svirt_t:s0:c32,c163 Target Context unconfined_u:object_r:virt_home_t:s0:c32,c163 Target Objects /home/evgeniy/.cache/gnome-boxes/winxp- unattended.img [ file ] Source worker Source Path worker Port <Неизвестно> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-283.14.fc27.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.13.12-300.fc27.x86_64 #1 SMP Wed Nov 8 16:38:01 UTC 2017 x86_64 x86_64 Alert Count 1 First Seen 2017-11-20 11:53:03 EET Last Seen 2017-11-20 11:53:03 EET Local ID d53db18d-1de9-4461-8929-9cd19be9a750 Raw Audit Messages type=AVC msg=audit(1511171583.321:316): avc: denied { read } for pid=9594 comm="worker" path="/home/evgeniy/.cache/gnome-boxes/winxp-unattended.img" dev="dm-3" ino=10630148 scontext=unconfined_u:unconfined_r:svirt_t:s0:c32,c163 tcontext=unconfined_u:object_r:virt_home_t:s0:c32,c163 tclass=file permissive=0 Hash: worker,svirt_t,virt_home_t,file,read Version-Release number of selected component: selinux-policy-3.13.1-283.14.fc27.noarch Additional info: component: selinux-policy reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.13.12-300.fc27.x86_64 type: libreport
*** This bug has been marked as a duplicate of bug 1312572 ***