How to install

sudo dnf upgrade --advisory=FEDORA-2017-5178e6a393

This update has been submitted for testing by lvrabec.

2 years ago
User Icon remi provided feedback 2 years ago
karma
BZ#1502303 php-fpm crashed with default SELinux settings
User Icon remi commented & provided feedback 2 years ago
karma

I confirm php-fpm start is now ok (#1502303)

BZ#1502303 php-fpm crashed with default SELinux settings
User Icon proski commented & provided feedback 2 years ago
karma

No more "check engine" on tilix start

BZ#1509502 SELinux is preventing bwrap from nnp_transition, nosuid_transition access on the process2 Unknown.
User Icon bluepencil commented & provided feedback 2 years ago

Still has no default label for /dev/mqueue

User Icon nyk provided feedback 2 years ago
BZ#1509502 SELinux is preventing bwrap from nnp_transition, nosuid_transition access on the process2 Unknown.
User Icon nyk provided feedback 2 years ago
karma
User Icon alexpl commented & provided feedback 2 years ago
karma

This update addresses quite a number of bugs I had on three very different systems, plus a few more, e.g. #1482354 as well as some other issues for which there were no bugs filed.

BZ#1502303 php-fpm crashed with default SELinux settings
BZ#1513883 SELinux is preventing gnome-shell from 'execute' accesses on the file 2F72756E2F676E6F6D652D696E697469616C2D73657475702F233232343434202864656C6574656429.
BZ#1509502 SELinux is preventing bwrap from nnp_transition, nosuid_transition access on the process2 Unknown.
BZ#1499390 SELinux is preventing ibus-daemon from using the 'signull' accesses on a process.

This update has been pushed to testing.

2 years ago
User Icon lars commented & provided feedback 2 years ago

This update solves #1512783.

BZ#1512783 Docker embedded DNS doesn't function when running with SELinux and --userns-remap
User Icon cserpentis commented & provided feedback 2 years ago
karma

works for me

User Icon besser82 commented & provided feedback 2 years ago
karma

Works great! LGTM! =)

This update has been submitted for batched by bodhi.

2 years ago
User Icon anassahmed commented & provided feedback 2 years ago
karma

LGTM

BZ#1512242 SELinux is preventing geary from 'map' accesses on the fifo_file fifo_file.
BZ#1509502 SELinux is preventing bwrap from nnp_transition, nosuid_transition access on the process2 Unknown.

lvrabec edited this update.

2 years ago

lvrabec edited this update.

2 years ago

lvrabec edited this update.

2 years ago

lvrabec edited this update.

2 years ago

This update has been submitted for stable by lvrabec.

2 years ago

lvrabec edited this update.

2 years ago

This update has been pushed to stable.

2 years ago
User Icon anonymous commented & provided feedback 2 years ago
[    6.967575] SELinux:  Permission getrlimit in class process not defined in policy.
[    6.969711] SELinux:  Class sctp_socket not defined in policy.
[    6.971703] SELinux:  Class icmp_socket not defined in policy.
[    6.973675] SELinux:  Class ax25_socket not defined in policy.
[    6.975587] SELinux:  Class ipx_socket not defined in policy.
[    6.977443] SELinux:  Class netrom_socket not defined in policy.
[    6.979247] SELinux:  Class atmpvc_socket not defined in policy.
[    6.980982] SELinux:  Class x25_socket not defined in policy.
[    6.982719] SELinux:  Class rose_socket not defined in policy.
[    6.984466] SELinux:  Class decnet_socket not defined in policy.
[    6.986209] SELinux:  Class atmsvc_socket not defined in policy.
[    6.987887] SELinux:  Class rds_socket not defined in policy.
[    6.989508] SELinux:  Class irda_socket not defined in policy.
[    6.991139] SELinux:  Class pppox_socket not defined in policy.
[    6.992769] SELinux:  Class llc_socket not defined in policy.
[    6.994392] SELinux:  Class can_socket not defined in policy.
[    6.995948] SELinux:  Class tipc_socket not defined in policy.
[    6.997448] SELinux:  Class bluetooth_socket not defined in policy.
[    6.998951] SELinux:  Class iucv_socket not defined in policy.
[    7.000461] SELinux:  Class rxrpc_socket not defined in policy.
[    7.001974] SELinux:  Class isdn_socket not defined in policy.
[    7.003430] SELinux:  Class phonet_socket not defined in policy.
[    7.004834] SELinux:  Class ieee802154_socket not defined in policy.
[    7.006186] SELinux:  Class caif_socket not defined in policy.
[    7.007483] SELinux:  Class alg_socket not defined in policy.
[    7.008724] SELinux:  Class nfc_socket not defined in policy.
[    7.009899] SELinux:  Class vsock_socket not defined in policy.
[    7.011077] SELinux:  Class kcm_socket not defined in policy.
[    7.012198] SELinux:  Class qipcrtr_socket not defined in policy.
[    7.013266] SELinux:  Class smc_socket not defined in policy.
[    7.014334] SELinux: the above unknown classes and permissions will be allowed

Please login to add feedback.

Metadata
Type
bugfix
Severity
high
Karma
7
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
6
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#1451479 virtualbox needs more selinux privileges
0
0
BZ#1499390 SELinux is preventing ibus-daemon from using the 'signull' accesses on a process.
0
1
BZ#1502303 php-fpm crashed with default SELinux settings
0
2
BZ#1509502 SELinux is preventing bwrap from nnp_transition, nosuid_transition access on the process2 Unknown.
0
3
BZ#1510249 SELinux is preventing tlp from 'write' accesses on the file lock_tlp.
0
0
BZ#1511269 Startup failures due to AVCs
0
0
BZ#1511948 SELinux is preventing nm-dhcp-helper from 'connectto' accesses on the unix_stream_socket /run/NetworkManager/private-dhcp.
0
0
BZ#1512128 Selinux prevents rpc.gssd and sshd from talking to the new SSSD kerberos key store
0
0
BZ#1512227 SELinux is preventing net from 'map' accesses on the file /var/lib/samba/lock/gencache_notrans.tdb.
0
0
BZ#1512242 SELinux is preventing geary from 'map' accesses on the fifo_file fifo_file.
0
1
BZ#1512560 SELinux is preventing firewalld from 'map' accesses on the device /dev/vda1.
0
0
BZ#1512783 Docker embedded DNS doesn't function when running with SELinux and --userns-remap
0
1
BZ#1512787 SELinux is preventing lircd from 'execute' accesses on the file /usr/bin/bash.
0
0
BZ#1513399 avc: denied { map } for systemd on modules.dep.bin
0
0
BZ#1513704 nssdb auth doesn't work with selinux enforcing due to map permissions denials
0
0
BZ#1513832 SELINUX Confined user (staff_t) cannot log in via GDM
0
0
BZ#1513883 SELinux is preventing gnome-shell from 'execute' accesses on the file 2F72756E2F676E6F6D652D696E697469616C2D73657475702F233232343434202864656C6574656429.
0
1
BZ#1513908 SELinux is preventing smb from 'map' accesses on the file /var/lib/samba/lock/gencache_notrans.tdb.
0
0
BZ#1514232 selinux - squid fails to start
0
0
BZ#1514284 Cannot start slapd
0
0
BZ#1514797 SELinux is preventing gnome-shell from using the 'signull' accesses on a process.
0
0
BZ#1514865 selinux preventing php-fpm from starting when apcu is enabled
0
0

Automated Test Results