Description of problem: this alert came up after applying the latest updates using dnf update SELinux is preventing alsactl from using the 'setpgid' accesses on a process. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that alsactl should be allowed setpgid access on processes labeled alsa_t by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'alsactl' --raw | audit2allow -M my-alsactl # semodule -X 300 -i my-alsactl.pp Additional Information: Source Context system_u:system_r:alsa_t:s0 Target Context system_u:system_r:alsa_t:s0 Target Objects Unknown [ process ] Source alsactl Source Path alsactl Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-34.11-1.fc34.noarch Local Policy RPM selinux-policy-targeted-34.11-1.fc34.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 5.12.9-300.fc34.x86_64 #1 SMP Thu Jun 3 13:51:40 UTC 2021 x86_64 x86_64 Alert Count 24 First Seen 2021-06-13 11:15:20 +04 Last Seen 2021-06-20 10:18:24 +04 Local ID 367f6d75-f441-4bf8-ae19-973587901dfa Raw Audit Messages type=AVC msg=audit(1624169904.74:1152): avc: denied { setpgid } for pid=115535 comm="alsactl" scontext=system_u:system_r:alsa_t:s0 tcontext=system_u:system_r:alsa_t:s0 tclass=process permissive=0 Hash: alsactl,alsa_t,alsa_t,process,setpgid Version-Release number of selected component: selinux-policy-targeted-34.11-1.fc34.noarch Additional info: component: selinux-policy reporter: libreport-2.15.2 hashmarkername: setroubleshoot kernel: 5.12.9-300.fc34.x86_64 type: libreport
Similar problem has been detected: I listening Music CD in usb device hashmarkername: setroubleshoot kernel: 5.13.8-200.fc34.x86_64 package: selinux-policy-targeted-34.15-1.fc34.noarch reason: SELinux is preventing alsactl from using the 'setpgid' accesses on a process. type: libreport
Similar problem has been detected: I watch CNN Brazil on youtube.com and listening Music Cd too in USB Device. The computer crash and I poweroff. After I poweron. hashmarkername: setroubleshoot kernel: 5.13.9-200.fc34.x86_64 package: selinux-policy-targeted-34.15-1.fc34.noarch reason: SELinux is preventing alsactl from using the 'setpgid' accesses on a process. type: libreport
*** Bug 2020456 has been marked as a duplicate of this bug. ***
Similar problem has been detected: The errors appears during boot hashmarkername: setroubleshoot kernel: 5.15.5-200.s0ix01.fc35.x86_64 package: selinux-policy-targeted-35.6-1.fc35.noarch reason: SELinux is preventing alsactl from using the 'setpgid' accesses on a process. type: libreport
Similar problem has been detected: The problem appears after starting gnome session from gdm. hashmarkername: setroubleshoot kernel: 5.16.4-200.s0ix01.fc35.x86_64 package: selinux-policy-targeted-35.11-1.fc35.noarch reason: SELinux is preventing alsactl from using the 'setpgid' accesses on a process. type: libreport
I've submitted a Fedora PR to address the issue: https://github.com/fedora-selinux/selinux-policy/pull/1037
FEDORA-2022-35e911cda6 has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2022-35e911cda6
FEDORA-2022-35e911cda6 has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-35e911cda6` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-35e911cda6 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2022-35e911cda6 has been pushed to the Fedora 34 stable repository. If problem still persists, please make note of it in this bug report.