Bug 632659 - xend will not start when targeted SELinux policy being enforced
Summary: xend will not start when targeted SELinux policy being enforced
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: 14
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-09-10 16:53 UTC by W. Michael Petullo
Modified: 2010-09-21 00:52 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2010-09-21 00:52:01 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
Audit log during xend initialization, SELinux enforcing policy (33.11 KB, application/octet-stream)
2010-09-10 16:53 UTC, W. Michael Petullo 		no flags Details
View All

Description W. Michael Petullo 2010-09-10 16:53:48 UTC 
Created attachment 446557 [details]
Audit log during xend initialization, SELinux enforcing policy

Description of problem:
xend will not start when the targeted SELinux policy is being enforced by the kernel.

Version-Release number of selected component (if applicable):
selinux-policy-3.9.3-1.fc14.noarch
xen-4.0.1-1.fc14.x86_64

How reproducible:
Every time

Steps to Reproduce:
1. Try to start xend
2. Disable SELinux and try again
  
Actual results:
xend does not start when SELinux is enforcing the targeted policy. When SELinux is disabled, xend starts.

Expected results:
xend should work with SELinux

Additional info:
Comment 1 Daniel Walsh 2010-09-10 17:14:45 UTC 
You can add these rules for now using

# grep avc /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Fixed in selinux-policy-3.9.4-1.fc14
Comment 2 W. Michael Petullo 2010-09-21 00:52:01 UTC 
Confirmed fixed in selinux-policy-3.9.4-1.fc14.noarch.
Note You need to log in before you can comment on or make changes to this bug.