Description of problem: SELinux is preventing umount from 'getattr' accesses on the filesystem /. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that umount should be allowed getattr access on the filesystem by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'umount' --raw | audit2allow -M my-umount # semodule -X 300 -i my-umount.pp Additional Information: Source Context system_u:system_r:snappy_t:s0 Target Context system_u:object_r:fs_t:s0 Target Objects / [ filesystem ] Source umount Source Path umount Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages filesystem-3.8-2.fc28.x86_64 Policy RPM <Unknown> Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.17.2-200.fc28.x86_64 #1 SMP Mon Jun 18 20:09:31 UTC 2018 x86_64 x86_64 Alert Count 1 First Seen 2018-07-03 20:56:32 EET Last Seen 2018-07-03 20:56:32 EET Local ID 7b5cfdcb-b2cc-4edf-956c-4d21972369fe Raw Audit Messages type=AVC msg=audit(1530644192.706:566): avc: denied { getattr } for pid=32663 comm="umount" name="/" dev="loop3" ino=2 scontext=system_u:system_r:snappy_t:s0 tcontext=system_u:object_r:fs_t:s0 tclass=filesystem permissive=1 Hash: umount,snappy_t,fs_t,filesystem,getattr Additional info: component: selinux-policy reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.2-200.fc28.x86_64 type: libreport
Description of problem: Rebooted FC28 machine. Got SELinux warning. Version-Release number of selected component: selinux-policy-3.14.1-32.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.3-200.fc28.x86_64 type: libreport
Description of problem: I turned on my laptop and the notice popped up. Version-Release number of selected component: selinux-policy-3.14.1-32.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.5-200.fc28.x86_64 type: libreport
Description of problem: After upgrading fedora 26 to 28 Version-Release number of selected component: selinux-policy-3.14.1-32.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.6-200.fc28.x86_64 type: libreport
Description of problem: Installed snapd and rebooted system Version-Release number of selected component: selinux-policy-3.14.1-32.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.7-200.fc28.x86_64 type: libreport
*** Bug 1608161 has been marked as a duplicate of this bug. ***
Description of problem: It started to appear after I installed snap packages. But I have faced no issues in day-to-day usage. Version-Release number of selected component: selinux-policy-3.14.1-32.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.6-200.fc28.x86_64 type: libreport
Description of problem: Right after boot up, SELinux popped up. Version-Release number of selected component: selinux-policy-3.14.1-32.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.7-200.fc28.x86_64 type: libreport
Description of problem: Pops up at every boot. Possibly related to snap. Version-Release number of selected component: selinux-policy-3.14.1-32.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.7-200.fc28.x86_64 type: libreport
Description of problem: System crashes randomly, sometimes minutes, at times hours after login. Version-Release number of selected component: selinux-policy-3.14.1-32.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.7-200.fc28.x86_64 type: libreport
Description of problem: It started after one of the updates to Fedora. Version-Release number of selected component: selinux-policy-3.14.1-32.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.9-200.fc28.x86_64 type: libreport
Description of problem: No user action was associated with this error. Might be related to yum initiated updated. Most recent package installed was snapd. Version-Release number of selected component: selinux-policy-3.14.1-37.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.11-200.fc28.x86_64 type: libreport
Description of problem: I startup my fedora 28 system on my dell inspiron laptop and I get this se linux alert every time, both when logging in using X and using wayland Version-Release number of selected component: selinux-policy-3.14.1-32.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.6-200.fc28.x86_64 type: libreport
Description of problem: 1. I restarted my device 2. Logged in with password Version-Release number of selected component: selinux-policy-3.14.1-37.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.12-200.fc28.x86_64 type: libreport
Description of problem: Right after login to a Gnome 3 session Version-Release number of selected component: selinux-policy-3.14.1-40.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.14-202.fc28.x86_64 type: libreport
*** Bug 1619003 has been marked as a duplicate of this bug. ***
Description of problem: This alert pops up every time I boot up my HP laptop model 15-bw022nb. I cannot remember exactly, but it is possible that this SELinux alert already popped up before I started experiencing problems with the boot and login process (I'm running Fedora 28 workstation). -------------------------------------- Current problems during bootup/login: -------------------------------------- For many weeks or maybe months now, (not having the time nor a stable internet connection to search for online help immediately, I use workarounds if I can, to be able to continue using my laptop, and delay working on a real fix to a later moment) I have this SELinux alert but I also have to login with the command prompt, where I'm asked for my username and password. After that, my personalised shellprompt appears (I know it's "personalised", because I changed it to display a shorter prompt and added colors). To load the system, I enter the command "startx" Once de graphical desktop is loaded, a popup asks me to enter my password again, because it was not added to my keyring (or something like that?) during the boot/login process. After I enter my password in that popup window, I can use Fedora the normal way. ------------------------------------------------- Possibly causing the non-graphical login screen? ------------------------------------------------- I had trouble when trying to remove Ubuntu and Lime from other partitions I created on the same HDD as Fedora, I wanted to delete them so I could expand the size of the Fedora partition, but of course, Ubuntu and Lime were also in the GRUB. So I suppose I messed up by deleting stuff the wrong way, or in the wrong order. Or maybe something got messed up concerning the moving of my homepartition to another internal disk (SSD of 1TB, showing up as HDA1 in GParted) While Fedora runs on a different disk in the same laptop (HDD of 250GB, showing up as HDB1 in GParted, and Ubuntu and Lime taking up HDB2 and HDB3). So maybe my fstab contains inconcistencies? ----------------------------------------------------------------------------------- Why there may be a link between the SELinux alert and my non-graphical boot/login? ----------------------------------------------------------------------------------- I think there might be a chance that my bootup/login issues are related to this SELinux error in some way. Because, I think they both concern mounting - umount problem in the SELinux alert - mount of my homefolder that goes wrong, maybe because it needs access to some hidden userfiles (auth. files?) that are not on the same disk/partition as fedora system, but are residing in the user's homefolder on SSD? So, maybe no direct link, but I add this info anyway, in case someone thinks both problems can be resolved using a similar or the same solution/patch/config file parameters? Version-Release number of selected component: selinux-policy-3.14.1-37.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.11-200.fc28.x86_64 type: libreport
Description of problem: This happens everytime after login/boot/wake-up. I'm on a F28 upgraded from F27. There are no additional edits to /etc/fstab. Version-Release number of selected component: selinux-policy-3.14.1-40.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.17.18-200.fc28.x86_64 type: libreport
For me, always in conjunction with https://bugzilla.redhat.com/show_bug.cgi?id=1597878 and others, right after logging in after booting.
Description of problem: login in snap Version-Release number of selected component: selinux-policy-3.14.1-42.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.18.9-200.fc28.x86_64 type: libreport
Description of problem: im not certain but the previous avc denial was from a kernel regression test. then i installed snapd and then ran a search (snap find) with regular user privaleges for c&c Version-Release number of selected component: selinux-policy-3.14.1-42.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.18.9-200.fc28.i686 type: libreport
Description of problem: it happened again when running snap install cncra Version-Release number of selected component: selinux-policy-3.14.1-42.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.18.9-200.fc28.i686 type: libreport
Description of problem: Step 1: Download Flatpak repo from https://flatpak.org/setup/Fedora/ Step 2: Run the downloaded 'flathub.flatpakrepo' file Step 3: Allow to restart the Gnome Package Manager Step 4: Recieved the SELinux Alert Version-Release number of selected component: selinux-policy-3.14.1-42.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.18.9-200.fc28.x86_64 type: libreport
Description of problem: I'm new Linux user. The SELinux send an alert (Notification) at the begining every time when I boot to the system. I don't know what the problem is. Everything seems to work just fine, but I still get the alert about this bug every time. Version-Release number of selected component: selinux-policy-3.14.1-42.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.18.9-200.fc28.x86_64 type: libreport
Description of problem: I don't know what is causing this or why, but it happens every time I turn on my laptop and then log in. Version-Release number of selected component: selinux-policy-3.14.1-44.fc28.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.18.12-200.fc28.x86_64 type: libreport
*** Bug 1643690 has been marked as a duplicate of this bug. ***
This message is a reminder that Fedora 28 is nearing its end of life. On 2019-May-28 Fedora will stop maintaining and issuing updates for Fedora 28. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '28'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 28 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Fedora 28 changed to end-of-life (EOL) status on 2019-05-28. Fedora 28 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.