Description of problem: open remote-viewer spice://localhost:5900 SELinux is preventing qemu-kvm from 'map' accesses on the anon_inode anon_inode. ***** Plugin catchall (100. confidence) suggests ************************** Wenn Sie denken, dass es qemu-kvm standardmäßig erlaubt sein sollte, map Zugriff auf anon_inode anon_inode zu erhalten. Then sie sollten dies als Fehler melden. Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen. Do zugriff jetzt erlauben, indem Sie die nachfolgenden Befehle ausführen: # ausearch -c 'qemu-kvm' --raw | audit2allow -M my-qemukvm # semodule -X 300 -i my-qemukvm.pp Additional Information: Source Context system_u:system_r:svirt_t:s0:c236,c831 Target Context system_u:object_r:svirt_t:s0:c236,c831 Target Objects anon_inode [ anon_inode ] Source qemu-kvm Source Path qemu-kvm Port <Unbekannt> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-34.25-1.fc34.noarch Local Policy RPM selinux-policy-targeted-34.25-1.fc34.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 5.16.5-100.fc34.x86_64 #1 SMP PREEMPT Tue Feb 1 20:05:05 UTC 2022 x86_64 x86_64 Alert Count 3 First Seen 2022-02-07 15:35:25 CET Last Seen 2022-02-07 15:35:26 CET Local ID db72446f-6225-4369-85a7-97f221806795 Raw Audit Messages type=AVC msg=audit(1644244526.0:442): avc: denied { map } for pid=6727 comm="qemu-kvm" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=89555 scontext=system_u:system_r:svirt_t:s0:c236,c831 tcontext=system_u:object_r:svirt_t:s0:c236,c831 tclass=anon_inode permissive=0 Hash: qemu-kvm,svirt_t,svirt_t,anon_inode,map Version-Release number of selected component: selinux-policy-targeted-34.25-1.fc34.noarch Additional info: component: selinux-policy reporter: libreport-2.15.2 hashmarkername: setroubleshoot kernel: 5.16.5-100.fc34.x86_64 type: libreport
*** Bug 2052897 has been marked as a duplicate of this bug. ***
*** Bug 2053263 has been marked as a duplicate of this bug. ***
FEDORA-2022-144dec49f5 has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2022-144dec49f5
FEDORA-2022-144dec49f5 has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-144dec49f5` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-144dec49f5 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
*** Bug 2057718 has been marked as a duplicate of this bug. ***
FEDORA-2022-144dec49f5 has been pushed to the Fedora 34 stable repository. If problem still persists, please make note of it in this bug report.