Description of problem: SELinux is preventing sosreport from 'associate' accesses on the filesystem max_dgram_qlen. ***** Plugin associate (99.5 confidence) suggests ************************* If you want to change the label of max_dgram_qlen to sysctl_net_unix_t, you are not allowed to since it is not a valid file type. Then you must pick a valid file label. Do select a valid file type. List valid file labels by executing: # seinfo -afile_type -x ***** Plugin catchall (1.49 confidence) suggests ************************** If you believe that sosreport should be allowed associate access on the max_dgram_qlen filesystem by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'sosreport' --raw | audit2allow -M my-sosreport # semodule -X 300 -i my-sosreport.pp Additional Information: Source Context system_u:object_r:sysctl_net_unix_t:s0 Target Context system_u:object_r:fs_t:s0 Target Objects max_dgram_qlen [ filesystem ] Source sosreport Source Path sosreport Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM <Unknown> Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.11.11-300.fc26.x86_64 #1 SMP Mon Jul 17 16:32:11 UTC 2017 x86_64 x86_64 Alert Count 1 First Seen 2017-09-06 10:46:53 EDT Last Seen 2017-09-06 10:46:53 EDT Local ID c486a8e5-e181-4948-a2e1-6f0b5b158499 Raw Audit Messages type=AVC msg=audit(1504709213.229:29861): avc: denied { associate } for pid=25810 comm="sosreport" name="max_dgram_qlen" dev="dm-12" ino=148934 scontext=system_u:object_r:sysctl_net_unix_t:s0 tcontext=system_u:object_r:fs_t:s0 tclass=filesystem permissive=0 Hash: sosreport,sysctl_net_unix_t,fs_t,filesystem,associate Additional info: component: selinux-policy reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.15.6-300.fc27.x86_64 type: libreport
*** This bug has been marked as a duplicate of bug 1553164 ***