Red Hat Bugzilla – Bug 825718
SELinux is preventing /usr/bin/ls from getattr access on the blk_file /dev/sdb
Last modified: 2012-06-03 19:32:15 EDT
Created attachment 587186 [details]
Description of problem:
These alerts pop up at every boot.
Maybe are connected to Bug769747.
Version-Release number of selected component (if applicable):
By boot up Fedora.
Created attachment 587187 [details]
Please could you test it with the latest policy which is available from koji
(In reply to comment #2)
> Please could you test it with the latest policy which is available from koji
> Thank you.
In https://bugzilla.redhat.com/attachment.cgi?id=587186, there are two SELinux alerts. After selinux-policy update, is signaled only the second one.
Thank you for testing.
Fixed in selinux-policy-3.10.0-128.fc17
selinux-policy-3.10.0-128.fc17 has been submitted as an update for Fedora 17.
(In reply to comment #5)
> selinux-policy-3.10.0-128.fc17 has been submitted as an update for Fedora 17.
The alert "SELinux is preventing /usr/sbin/sysctl from write access on the file nmi_watchdog" appears again. See https://bugzilla.redhat.com/attachment.cgi?id=587186
Please add the new AVC's the bug you link to is fixed.
selinux-policy-3.10.0-129.fc17 will allow tuned to write to kernel_sysctls_t.
Created attachment 588540 [details]
Alert-sysctl from write access on the file nmi_watchdog
(In reply to comment #7)
> Please add the new AVC's the bug you link to is fixed.
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing selinux-policy-3.10.0-128.fc17'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
selinux-policy-3.10.0-128.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.