Hide Forgot
certmaster fails to start on f16 because of the following selinux-denials: [ 8515.028892] type=1400 audit(1314825181.026:20): avc: denied { read } for pid=1776 comm="certmaster" name="urandom" dev=devtmpfs ino=1033 scontext=system_u:system_r:certmaster_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file [ 8515.472328] type=1400 audit(1314825181.470:21): avc: denied { read } for pid=1776 comm="certmaster" name="urandom" dev=devtmpfs ino=1033 scontext=system_u:system_r:certmaster_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file [ 8515.472529] type=1400 audit(1314825181.470:22): avc: denied { read } for pid=1776 comm="certmaster" name="random" dev=devtmpfs ino=1032 scontext=system_u:system_r:certmaster_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file "setenforce permissive" let's it start.
Probably needed for RHEL6 F14, F15. I checked fix into policy pool
Added.
selinux-policy-3.10.0-28.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/selinux-policy-3.10.0-28.fc16
Package selinux-policy-3.10.0-28.fc16: * should fix your issue, * was pushed to the Fedora 16 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.10.0-28.fc16' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/selinux-policy-3.10.0-28.fc16 then log in and leave karma (feedback).
selinux-policy-3.10.0-28.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.