1875027 – A bunch of services are failing due to SELinux denials on latest Fedora 32.

Bug 1875027 - A bunch of services are failing due to SELinux denials on latest Fedora 32.

Summary: A bunch of services are failing due to SELinux denials on latest Fedora 32.

Keywords:
Status:	CLOSED DUPLICATE of bug 1874836
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	32
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Zdenek Pytela
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-09-02 19:23 UTC by aziz
Modified:	2020-09-03 04:53 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2020-09-03 04:53:13 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description aziz 2020-09-02 19:23:32 UTC

A bunch of services are failing due to SELinux denials on latest Fedora 32:

audit[6042]: AVC avc:  denied  { remount } for  pid=6042 comm="(coredump)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=0
systemd[6042]: systemd-coredump: Failed to set up mount namespacing: /run/systemd/unit-root/: Permission denied
systemd[6042]: systemd-coredump: Failed at step NAMESPACE spawning /usr/lib/systemd/systemd-coredump: Permission denied

audit[4423]: AVC avc:  denied  { remount } for  pid=4423 comm="(ostnamed)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=0
systemd[4423]: systemd-hostnamed.service: Failed to set up mount namespacing: /run/systemd/unit-root/: Permission denied
systemd[4423]: systemd-hostnamed.service: Failed at step NAMESPACE spawning /usr/lib/systemd/systemd-hostnamed: Permission denied

audit[4146]: AVC avc:  denied  { remount } for  pid=4146 comm="(imedated)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=0
systemd[4146]: systemd-timedated.service: Failed to set up mount namespacing: /run/systemd/unit-root/: Permission denied
systemd[4146]: systemd-timedated.service: Failed at step NAMESPACE spawning /usr/lib/systemd/systemd-timedated: Permission denied

These show up on selinux-policy-3.14.5-43.fc32. Rebooting in permissive made these errors disappear. Reverting to selinux-policy-3.14.5-32.fc32 didn't help, so the problem might be from one of the other SELinux packages.

Comment 1 Zdenek Pytela 2020-09-03 04:53:13 UTC


*** This bug has been marked as a duplicate of bug 1874836 ***

Note You need to log in before you can comment on or make changes to this bug.