761323 – SELinux is preventing /usr/bin/grub2-editenv from 'write' accesses on the file /boot/grub2/grubenv.

Bug 761323 - SELinux is preventing /usr/bin/grub2-editenv from 'write' accesses on the file /boot/grub2/grubenv.

Summary: SELinux is preventing /usr/bin/grub2-editenv from 'write' accesses on the fil...

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	16
Hardware:	i686
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Miroslav Grepl
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:	abrt_hash:e6c48be6138d33daf6c9a295e38...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-12-08 03:33 UTC by Andrey V. Henneberg
Modified:	2012-03-15 14:44 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-03-15 14:44:24 UTC
Type:	---
Dependent Products:

Attachments	(Terms of Use)
File: description (2.62 KB, text/plain) 2011-12-08 03:34 UTC, Andrey V. Henneberg	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Description Andrey V. Henneberg 2011-12-08 03:33:59 UTC

libreport version: 2.0.7
executable:     /usr/bin/python
hashmarkername: setroubleshoot
kernel:         3.1.4-1.fc16.i686.PAE
reason:         SELinux is preventing /usr/bin/grub2-editenv from 'write' accesses on the file /boot/grub2/grubenv.
time:           Чт. 08 дек. 2011 10:32:57

description:    Text file, 2688 bytes

Comment 1 Andrey V. Henneberg 2011-12-08 03:34:03 UTC

Created attachment 542347 [details]
File: description

Comment 2 Miroslav Grepl 2011-12-08 10:19:51 UTC

Did it happen by default? Or do you have own script?

Comment 3 Andrey V. Henneberg 2011-12-09 03:27:19 UTC

No, I have no own script.

Comment 4 Miroslav Grepl 2011-12-13 09:03:42 UTC

Does everything work for you as expected?

Comment 5 Daniel Walsh 2011-12-13 20:07:28 UTC

Do the apmd guys know what is going on?

grub2-editenv is being executed from apmd and it is trying to write a file under /boot named grubenv?

Comment 6 Jiri Skala 2011-12-22 09:40:32 UTC

(In reply to comment #5)
> Do the apmd guys know what is going on?
> 
> grub2-editenv is being executed from apmd and it is trying to write a file
> under /boot named grubenv?

The apmd wasn't changed long time. So the apmd knows nothing about grub2 and there is no direct interaction. I suppose it's an action of required pkgs or manually made/copied script(s).

Comment 7 Daniel Walsh 2011-12-22 15:10:33 UTC

Well I have no idea.

Andrey has this happened again?

Comment 8 Andrey V. Henneberg 2011-12-23 03:31:55 UTC

No,  it doesn't but I switched selinux off because I supposed it prevent mysql server starting. I'll try to switch selinux on.

Comment 9 Miroslav Grepl 2011-12-23 11:45:39 UTC

"selinux off" .. you mean you switched to permissive mode or disabled SELinux? 

If you have a problem and you think it could caused by SELinux, you can just switch to permissive mode and look for AVC msgs.

Note You need to log in before you can comment on or make changes to this bug.