Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1532034
Summary: | SELinux is preventing tlp from 'open' accesses on the file /run/tlp/lock_tlp. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Greg <greg> |
Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 27 | CC: | dwalsh, luca.botti, lvrabec, mgrepl, plautrba, pmoore |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Unspecified | ||
Whiteboard: | abrt_hash:01060382519c425a255ae8e0ea900fa0795cb090eb866846e84759eb13c174bf; | ||
Fixed In Version: | selinux-policy-3.13.1-284.37.fc27 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-08-08 15:34:25 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Greg
2018-01-07 14:54:26 UTC
Please, update selinux-policy rpm package to the latest version and run: ***** Plugin restorecon (99.5 confidence) suggests ************************ If you want to fix the label. /run/tlp/lock_tlp default label should be tlp_var_run_t. Then you can run restorecon. The access attempt may have been stopped due to insufficient permissions to access a parent directory in which case try to change the following command accordingly. Do # /sbin/restorecon -v /run/tlp/lock_tlp Thanks, Lukas. If you read my comments, I already tried everything you suggested. At the time of writing, my selinux-policy was already at the latest available via dnf (I tried dnf update selinux policy). This was selinux-policy-3.13.1-283.19.fc27.noarch. I tried: /sbin/restorecon -v /run/tlp/lock_tlp and /sbin/restorecon -v /run/tlp/ This worked for some time, but the issue returned because the security context of the file got changed back to system_u:object_r:var_run_t:s0 (instead of system_u:object_r:tlp_var_run_t:s0). How can I figure out what is changing it and why? Description of problem: Resumed from suspend Version-Release number of selected component: selinux-policy-3.13.1-283.26.fc27.noarch Additional info: reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.15.8-300.fc27.x86_64 type: libreport selinux-policy-3.13.1-284.37.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2018-4bb4de2d86 selinux-policy-3.13.1-284.37.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-4bb4de2d86 selinux-policy-3.13.1-284.37.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report. |