FEDORA-2019-6bbf3d600d created by lvrabec 10 months ago for Fedora 30
obsolete

This update has been submitted for testing by lvrabec.

10 months ago

This update's test gating status has been changed to 'waiting'.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago
User Icon bojan commented & provided feedback 10 months ago

Not giving karma, but see below.

SELinux is preventing boltd from getattr access on the lnk_file /sys/bus/wmi/devices/8ADB159E-1E32-455C-BC93-308A7ED98246.

* Plugin catchall (100. confidence) suggests ******

If you believe that boltd should be allowed getattr access on the 8ADB159E-1E32-455C-BC93-308A7ED98246 lnk_file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing:

ausearch -c 'boltd' --raw | audit2allow -M my-boltd

semodule -X 300 -i my-boltd.pp

Additional Information: Source Context system_u:system_r:boltd_t:s0 Target Context system_u:object_r:sysfs_t:s0 Target Objects /sys/bus/wmi/devices/8ADB159E-1E32-455C-BC93-308A7 ED98246 [ lnk_file ] Source boltd Source Path boltd Port <Unknown> Host <host> Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.14.3-48.fc30.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name <host> Platform Linux <host> 5.2.18-200.fc30.x86_64 #1 SMP Tue Oct 1 13:14:07 UTC 2019 x86_64 x86_64 Alert Count 15 First Seen 2019-10-05 18:59:37 AEST Last Seen 2019-10-05 18:59:37 AEST Local ID fb46027c-2279-40e2-a8f7-feaa3308cc79

Raw Audit Messages type=AVC msg=audit(1570265977.494:204): avc: denied { getattr } for pid=2436 comm="boltd" path="/sys/bus/wmi/devices/8ADB159E-1E32-455C-BC93-308A7ED98246" dev="sysfs" ino=18891 scontext=system_u:system_r:boltd_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=0

Hash: boltd,boltd_t,sysfs_t,lnk_file,getattr

This update's test gating status has been changed to 'greenwave_failed'.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago
User Icon szydell provided feedback 10 months ago
karma

lvrabec edited this update.

New build(s):

  • selinux-policy-3.14.3-49.fc30

Removed build(s):

  • selinux-policy-3.14.3-48.fc30

Karma has been reset.

10 months ago

This update has been submitted for testing by lvrabec.

10 months ago

This update has been pushed to testing.

10 months ago
User Icon bojan provided feedback 10 months ago
karma
User Icon mhayden commented & provided feedback 10 months ago
karma

No issues noted on hardware or KVM guest.

User Icon mhayden commented & provided feedback 10 months ago
karma

No issues noted.

This update can be pushed to stable now if the maintainer wishes

10 months ago

This update has been obsoleted by selinux-policy-3.14.3-50.fc30.

10 months ago

Please login to add feedback.

Metadata
Type
bugfix
Severity
high
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-2
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
10 months ago
in testing
10 months ago
modified
10 months ago
BZ#1716044 SELinux is preventing dockerd-current from using the 'net_broadcast' capabilities.
0
0
BZ#1750112 selinux is blocking gdm from accessing boot_t files, breaking the grub hidden menu feature
0
0
BZ#1750288 Blocking the D-Bus autostart of fwupd
0
0
BZ#1751816 SELinux is preventing ps from using the sys_ptrace capability.
0
0
BZ#1753383 SELinux is preventing (systemd) from 'add_name' accesses on the katalog sddm.
0
0
BZ#1754767 SELinux is preventing xz from using the fowner capability.
0
0
BZ#1756790 SELinux is preventing bwrap from 'setpcap' accesses on the cap_userns Desconocido.
0
0
BZ#1756791 SELinux is preventing bwrap from 'nlmsg_write' accesses on the netlink_route_socket Desconocido.
0
0
BZ#1756973 Allow read access from exim to mysql config files
0
0
BZ#1759019 SELinux is preventing boltd from 'getattr' accesses on the lnk_file /sys/bus/wmi/devices/7FF47003-3B6C-4E5E-A227-E979824A85D1.
0
0

Automated Test Results