Description of problem: In trace mode, tlp logger calls are blocked by selinux Version-Release number of selected component (if applicable): selinux-policy 3.14.3-42.fc30 tlp 1.2.1-1.fc30 How reproducible: Follow https://linrunner.de/en/tlp/docs/tlp-configuration.html#tracemode 1. Add the following line to /etc/default/tlp TLP_DEBUG="arg bat disk lock nm path pm ps rf run sysfs udev usb" 2. Restart tlp service $ systemctl restart tlp 3. Do something(e.g. suspend and resume laptop), then take a look at the logs $ systemctl status tlp $ tlp-stat -T Actual results: logger: Operation not permitted Expected results: Debug loggin events Additional info: In audit.log type=AVC msg=audit(1564652336.513:9741): avc: denied { sys_admin } for pid=24166 comm="logger" capability=21 scontext=system_u:system_r:tlp_t:s0-s0:c0.c1023 tcontext=system_u:system_r:tlp_t:s0-s0:c0.c1023 tclass=capability permissive=0 type=AVC msg=audit(1564653076.144:10069): avc: denied { setuid } for pid=28814 comm="logger" capability=7 scontext=system_u:system_r:tlp_t:s0-s0:c0.c1023 tcontext=system_u:system_r:tlp_t:s0-s0:c0.c1023 tclass=capability permissive=0
commit b7144a2bc612b9d65145ed485fe1531c064a9ce3 (HEAD -> rawhide) Author: Lukas Vrabec <lvrabec> Date: Mon Aug 5 17:53:41 2019 +0200 Allow tlp domain run tlp in trace mode BZ(1737106)
FEDORA-2019-be14ea0375 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-be14ea0375
selinux-policy-3.14.3-45.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-be14ea0375
selinux-policy-3.14.3-45.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.