Bug 616136 - System does not boot with systemd in enforcing mode
System does not boot with systemd in enforcing mode
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
rawhide
All Linux
low Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-07-19 14:00 EDT by Orion Poplawski
Modified: 2010-07-20 13:53 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-07-20 13:53:48 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Orion Poplawski 2010-07-19 14:00:49 EDT
Description of problem:

System does not boot with systemd in enforcing mode.  Current avcs:

type=AVC msg=audit(1279573506.165:8): avc:  denied  { accept } for  pid=695 comm="dbus-daemon" path="/var/run/dbus/system_bus_socket" scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=unix_stream_socket
type=AVC msg=audit(1279573506.165:9): avc:  denied  { getattr } for  pid=695 comm="dbus-daemon" path="/var/run/dbus/system_bus_socket" scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=unix_stream_socket
type=AVC msg=audit(1279573506.166:10): avc:  denied  { getopt } for  pid=695 comm="dbus-daemon" path="/var/run/dbus/system_bus_socket" scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=unix_stream_socket

Version-Release number of selected component (if applicable):
systemd-3-3.fc14.x86_64
selinux-policy-3.8.7-2.fc14.noarch
Comment 1 Daniel Walsh 2010-07-20 13:53:48 EDT
Fixed in selinux-policy-3.8.8-1.fc14

ALthough the real fix is to get systemd to be selinux aware.

Note You need to log in before you can comment on or make changes to this bug.