Description of problem: Update and reboot SELinux is preventing qemu-kvm from 'map' accesses on the anon_inode anon_inode. ***** Plugin catchall (100. confidence) suggests ************************** Если вы считаете, что qemu-kvm должно быть разрешено map доступ к anon_inode anon_inode по умолчанию. Then рекомендуется создать отчет об ошибке. Чтобы разрешить доступ, можно создать локальный модуль политики. Do разрешить этот доступ сейчас, выполнив: # ausearch -c 'qemu-kvm' --raw | audit2allow -M my-qemukvm # semodule -X 300 -i my-qemukvm.pp Additional Information: Source Context system_u:system_r:virtd_t:s0-s0:c0.c1023 Target Context system_u:object_r:virtd_t:s0 Target Objects anon_inode [ anon_inode ] Source qemu-kvm Source Path qemu-kvm Port <Неизвестно> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-34.25-1.fc34.noarch Local Policy RPM selinux-policy-targeted-34.25-1.fc34.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 5.16.7-100.fc34.x86_64 #1 SMP PREEMPT Sun Feb 6 20:50:49 UTC 2022 x86_64 x86_64 Alert Count 6 First Seen 2022-02-10 21:35:41 EET Last Seen 2022-02-10 21:35:41 EET Local ID fd023c63-749e-4802-8353-98b2fd39d53c Raw Audit Messages type=AVC msg=audit(1644521741.987:306): avc: denied { map } for pid=4973 comm="qemu-kvm" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=28596 scontext=system_u:system_r:virtd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:virtd_t:s0 tclass=anon_inode permissive=0 Hash: qemu-kvm,virtd_t,virtd_t,anon_inode,map Version-Release number of selected component: selinux-policy-targeted-34.25-1.fc34.noarch Additional info: component: selinux-policy reporter: libreport-2.15.2 hashmarkername: setroubleshoot kernel: 5.16.7-100.fc34.x86_64 type: libreport Potential duplicate: bug 2051827
*** This bug has been marked as a duplicate of bug 2051577 ***