Description of problem: SELinux is preventing /usr/lib/systemd/systemd-hostnamed from 'read' accesses on the file cpuinfo. ***** Plugin catchall (100. confidence) suggests *************************** If vous pensez que systemd-hostnamed devrait être autorisé à accéder read sur cpuinfo file par défaut. Then vous devriez rapporter ceci en tant qu'anomalie. Vous pouvez générer un module de stratégie local pour autoriser cet accès. Do autoriser cet accès pour le moment en exécutant : # grep systemd-hostnam /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:systemd_hostnamed_t:s0 Target Context system_u:object_r:proc_t:s0 Target Objects cpuinfo [ file ] Source systemd-hostnam Source Path /usr/lib/systemd/systemd-hostnamed Port <Inconnu> Host (removed) Source RPM Packages systemd-206-1.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-66.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 3.11.0-0.rc2.git3.1.fc20.x86_64 #1 SMP Thu Jul 25 15:47:12 UTC 2013 x86_64 x86_64 Alert Count 1 First Seen 2013-07-26 20:45:35 CEST Last Seen 2013-07-26 20:45:35 CEST Local ID 343f5d34-c077-41cc-ac24-0023c991be1d Raw Audit Messages type=AVC msg=audit(1374864335.389:179): avc: denied { read } for pid=3902 comm="systemd-hostnam" name="cpuinfo" dev="proc" ino=4026532027 scontext=system_u:system_r:systemd_hostnamed_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file type=AVC msg=audit(1374864335.389:179): avc: denied { open } for pid=3902 comm="systemd-hostnam" path="/proc/cpuinfo" dev="proc" ino=4026532027 scontext=system_u:system_r:systemd_hostnamed_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file type=SYSCALL msg=audit(1374864335.389:179): arch=x86_64 syscall=open success=yes exit=EIO a0=7fd4e28520fe a1=80000 a2=1b6 a3=6e49202c6c616e6f items=0 ppid=1 pid=3902 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=systemd-hostnam exe=/usr/lib/systemd/systemd-hostnamed subj=system_u:system_r:systemd_hostnamed_t:s0 key=(null) Hash: systemd-hostnam,systemd_hostnamed_t,proc_t,file,read Additional info: reporter: libreport-2.1.6 hashmarkername: setroubleshoot kernel: 3.11.0-0.rc0.git3.1.fc20.x86_64 type: libreport
Fixed in selinux-policy-3.12.1-68.fc20.noarch