Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1301327 - user crontab stopped working
Summary: user crontab stopped working
Keywords:
Status: CLOSED DUPLICATE of bug 1298192
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 23
Hardware: All
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Miroslav Grepl
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-01-24 08:34 UTC by Laurentiu Pancescu
Modified: 2016-01-24 16:44 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-01-24 16:44:14 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Laurentiu Pancescu 2016-01-24 08:34:24 UTC 
I only noticed yesterday evening that the automatic remote backups, triggered twice daily via a user crontab, had stopped working after the upgrade from F22 to F23 (performed last weekend).  I found log messages like the following:

Jan 23 19:42:01 localhost.localdomain crond[1111]: (meike) Unauthorized SELinux context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 file_context=unconfined_u:object_r:user_cron_spool_t:s0 (/var/spool/cron/meike)
Jan 23 19:42:01 localhost.localdomain crond[1111]: (meike) FAILED (loading cron table)

Unfortunately, restorecon only displays a warning about missing the default context for that file; I also removed the crontab with "crontab -r" and recreated it with "crontab -e", but this results in the same SELinux context - the backup doesn't run, and I see the same log message mentioning SELinux again.  Does the latest SELinux policy require userspace changes in crontab?
Comment 1 Kim Bisgaard 2016-01-24 10:39:53 UTC 
I get this too, and I too recently upgraded from :
Jan 24 10:20:37 jukebox crontab[19006]: (mythtv) BEGIN EDIT (mythtv)
Jan 24 10:21:44 jukebox crontab[19006]: (mythtv) REPLACE (mythtv)
Jan 24 10:21:44 jukebox crontab[19006]: (mythtv) END EDIT (mythtv)
Jan 24 10:22:01 jukebox crond[8384]: (root) Unauthorized SELinux context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 file_context=unconfined_u:object_r:user_cron_spool_t:s0 (/var/spool/cron/root)
Jan 24 10:22:01 jukebox crond[8384]: (root) FAILED (loading cron table)
Jan 24 10:22:01 jukebox crond[8384]: (mythtv) Unauthorized SELinux context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 file_context=unconfined_u:object_r:user_cron_spool_t:s0 (/var/spool/cron/mythtv)
Jan 24 10:22:01 jukebox crond[8384]: (mythtv) FAILED (loading cron table)

ls -alZ /var/spool/cron
total 12
drwx------.  2 root   root   system_u:object_r:user_cron_spool_t:s0     4096 jan 24 10:21 .
drwxr-xr-x. 14 root   root   system_u:object_r:var_spool_t:s0           4096 sep 10 10:23 ..
-rw-------.  1 mythtv mythtv unconfined_u:object_r:user_cron_spool_t:s0  127 jan 24 10:21 mythtv
-rw-------.  1 root   root   unconfined_u:object_r:user_cron_spool_t:s0    0 mar 13  2014 root

ls -lZ /usr/sbin/crond
-rwxr-xr-x. 1 root root system_u:object_r:crond_exec_t:s0 70152 jul 13  2015 /usr/sbin/crond
Comment 2 Kim Bisgaard 2016-01-24 11:46:32 UTC 
rpm -qa cronie selinux-\*
selinux-policy-3.13.1-158.2.fc23.noarch
cronie-1.5.0-3.fc23.x86_64
selinux-policy-targeted-3.13.1-158.2.fc23.noarch
selinux-policy-devel-3.13.1-158.2.fc23.noarch
Comment 3 Petr Lautrbach 2016-01-24 16:44:14 UTC 
Please update your kernel to kernel-4.3.3-303.fc23 - https://bodhi.fedoraproject.org/updates/FEDORA-2016-b59fd603be

*** This bug has been marked as a duplicate of bug 1298192 ***
Note You need to log in before you can comment on or make changes to this bug.