Description of problem: Not sure why this happened. SELinux is preventing haproxy from 'getattr' accesses on the filesystem /sys/fs/cgroup. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that haproxy should be allowed getattr access on the cgroup filesystem by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'haproxy' --raw | audit2allow -M my-haproxy # semodule -X 300 -i my-haproxy.pp Additional Information: Source Context system_u:system_r:haproxy_t:s0 Target Context system_u:object_r:cgroup_t:s0 Target Objects /sys/fs/cgroup [ filesystem ] Source haproxy Source Path haproxy Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-35.6-1.fc35.noarch Local Policy RPM selinux-policy-targeted-35.6-1.fc35.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 5.15.6-200.fc35.x86_64 #1 SMP Wed Dec 1 13:41:10 UTC 2021 x86_64 x86_64 Alert Count 5 First Seen 2021-12-13 09:26:14 EST Last Seen 2021-12-13 14:53:24 EST Local ID 014ce9dc-f578-48c4-a738-e28f1bb933cf Raw Audit Messages type=AVC msg=audit(1639425204.658:1953): avc: denied { getattr } for pid=76829 comm="haproxy" name="/" dev="cgroup2" ino=1 scontext=system_u:system_r:haproxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem permissive=0 Hash: haproxy,haproxy_t,cgroup_t,filesystem,getattr Version-Release number of selected component: selinux-policy-targeted-35.6-1.fc35.noarch Additional info: component: selinux-policy reporter: libreport-2.15.2 hashmarkername: setroubleshoot kernel: 5.15.6-200.fc35.x86_64 type: libreport
FEDORA-2022-decd9c4cae has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2022-decd9c4cae
FEDORA-2022-decd9c4cae has been pushed to the Fedora 35 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-decd9c4cae` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-decd9c4cae See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2022-decd9c4cae has been pushed to the Fedora 35 stable repository. If problem still persists, please make note of it in this bug report.