I have to second the previous feedback, SELinux still blocks various services from accessing /etc/ld.so.cache file. It's so severe that that troubleshooting tool uses a lot of CPU resources and makes the fan go on.
BZ#1542903 SELinux is preventing hostname from read, write access on the chr_file /dev/ttyUSB1.
0
0
BZ#1543033 SELinux is preventing memcached from starting
0
0
BZ#1543375 SELinux is preventing unix_update from using the 'fsetid' capabilities.
0
0
BZ#1543650 SELinux is preventing systemd-rfkill from 'module_request' accesses on the system Unknown.
0
0
BZ#1543997 SELinux is preventing gnome-directory from 'getattr' accesses on the fifo_file /run/dmeventd-server.
0
0
BZ#1544251 SELinux is preventing gdm-wayland-ses from 'read' accesses on the lnk_file machine-id.
0
0
BZ#1544270 SELinux is preventing telepathy-logge from 'map' accesses on the file /run/user/1000/dconf/user.
0
0
BZ#1544272 SELinux is preventing systemd from using the 'sigkill' accesses on a process.
0
0
BZ#1544273 SELinux is preventing abrt-action-gen from 'map' accesses on the file /var/spool/abrt/ccpp-2018-02-12-09:44:13.351807-3048/coredump.
0
0
BZ#1544551 SELinux is preventing openconnect from 'map' accesses on the file /usr/share/pki/ca-trust-source/ca-bundle.trust.p11-kit.
0
0
BZ#1544627 SELinux is preventing boinc_client from 'read' accesses on the file mmap_min_addr.
0
0
BZ#1545348 SELinux is preventing nm-l2tp-service from 'search' accesses on the directory strongswan.
0
0
BZ#1545643 SELinux is preventing bluetoothd from 'map' accesses on the file /usr/libexec/bluetooth/bluetoothd.
0
0
BZ#1546423 SELinux is preventing bluetoothd from 'create' accesses on the socket Unknown.
0
0
BZ#1547056 SELinux is preventing abrt-action-sav from 'read' accesses on the Datei resolv.conf.
0
0
BZ#1547057 SELinux is preventing pool from 'read' accesses on the Datei resolv.conf.
0
0
BZ#1547098 SELinux is preventing NetworkManager from 'read' accesses on the Datei resolv.conf.
0
0
BZ#1547227 SELinux is preventing systemd-update- from 'module_request' accesses on the system Unknown.
0
0
BZ#1547259 SELinux is preventing addconn from 'read' accesses on the file nm-l2tp-ipsec-56798339-a275-487a-a299-1d1d0a179e66.conf.
0
0
BZ#1547338 SELinux is preventing (uetoothd) from 'mounton' accesses on the directory /var/lib/bluetooth.
0
0
BZ#1547416 SELinux is preventing (uetoothd) from 'mounton' accesses on the directory /var/lib/bluetooth.
0
0
BZ#1547761 SELinux is preventing /usr/lib/systemd/systemd-journald from 'map' accesses on the file 2F6D656D66643A73642D73797374656D642D636F726564756D202864656C6574656429.
0
0
BZ#1547874 SELinux is preventing powertop from 'setopt' accesses on the netlink_generic_socket Unknown.
0
0
BZ#1547875 SELinux is preventing powertop from 'read' accesses on the file id.
0
0
BZ#1547876 SELinux is preventing systemd from 'bind' accesses on the netlink_selinux_socket Unknown.
0
0
BZ#1551033 SELinux is preventing colord from 'map' accesses on the file /home/fedora/kasmith/.local/share/icc/edid-a920bbe26e6ac81fc5b993f93b3b4cba.icc.
0
0
BZ#1551738 snapper causes selinux denials after dnf update
0
0
BZ#1551770 SELinux is preventing mkhomedir_helpe from 'write' accesses on the sock_file system_bus_socket.
0
0
BZ#1551842 SELinux is preventing plymouthd from 'map' accesses on the chr_file /dev/fb0.
0
0
BZ#1552398 SELinux is preventing rpcbind from 'create' accesses on the directory rpcbind.
0
0
BZ#1552416 SELinux is preventing ffspart from 'map' accesses on the chr_file /dev/zero.
0
0
BZ#1552436 SELinux is preventing boinc_client from 'open' accesses on the file /sys/fs/cgroup/cpuset/cpuset.cpus.
0
0
BZ#1552437 SELinux is preventing boinc_client from 'open' accesses on the file /proc/sys/vm/mmap_min_addr.
0
0
BZ#1552535 SELinux is preventing modprobe from 'map' accesses on the file /usr/lib/modules/4.15.6-300.fc27.x86_64/modules.dep.bin.
0
0
BZ#1552536 SELinux is preventing php-fpm from 'create' accesses on the netlink_kobject_uevent_socket Unknown.
0
0
BZ#1552765 SELinux is preventing ABRT a map access to /tmp /var/tmp
0
0
BZ#1554087 minidlna service runs as unconfined_service_t because of wrong file context pattern
0
0
BZ#1554150 SELinux is preventing lxdm-session from 'sys_ptrace' accesses on the cap_userns Unknown.
This update has been submitted for testing by lvrabec.
This update has been pushed to testing.
No regressions here.
works for me still
I'm getting denials with this update:
I think this is https://bugzilla.redhat.com/show_bug.cgi?id=1543153.
Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.
I have to second the previous feedback, SELinux still blocks various services from accessing /etc/ld.so.cache file. It's so severe that that troubleshooting tool uses a lot of CPU resources and makes the fan go on.
Works for me.
Working.
No regressions found
lvrabec edited this update.
New build(s):
Removed build(s):
Karma has been reset.
This update has been submitted for testing by lvrabec.
This update has been pushed to testing.
plymouth-debug.log access apparently still not allowed
This does not fix #1551033 for me.
WFM
Clears up the bluetoothd errors on startup.
no regressions noted
Does not resolve #1471545
No regressions noted.
Works fine for me!
This update has been submitted for batched by lvrabec.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.