https://bugzilla.redhat.com/show_bug.cgi?id=1381127
Bug ID: 1381127
Summary: PCP SELinux issues
Product: Fedora
Version: 24
Component: pcp
Assignee: nathans@xxxxxxxxxx
Reporter: myllynen@xxxxxxxxxx
QA Contact: extras-qa@xxxxxxxxxxxxxxxxx
CC: brolley@xxxxxxxxxx, fche@xxxxxxxxxx, lberk@xxxxxxxxxx,
mgoodwin@xxxxxxxxxx, nathans@xxxxxxxxxx,
pcp@xxxxxxxxxxx, scox@xxxxxxxxxx
Created attachment 1206766
--> https://bugzilla.redhat.com/attachment.cgi?id=1206766&action=edit
PCP AVCs
Description of problem:
Fedora 24 + updates + pcp-3.11.5-1.fc24 + SELinux in Permissive +
pmcd/pmlogger/pmie services enabled gives the attached AVCs on boot.
This is probably due to SELinux policies but filing initially against the pcp
component to give PCP developers a heads-up, at this rate PCP appears as a
second class citizen, it's the only component at least on my systems having
severe issues with SELinux.
$ wc -l pcp-avcs.txt
54 pcp-avcs.txt
Also see https://bugzilla.redhat.com/show_bug.cgi?id=1337968 which haven't seen
any activity in months. But note that this BZ has new AVCs, e.g., the ldconfig
one which originates from ctypes/util.py which gets called when a Python PMDA
is installed.
grep SYSCALL audit.log gave no hits so if you need more information I'd suggest
you to reproduce locally as that should be trivial.
Thanks.
Version-Release number of selected component (if applicable):
pcp-3.11.5-1.fc24.x86_64
selinux-policy-targeted-3.13.1-191.17.fc24.noarch
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug
https://bugzilla.redhat.com/token.cgi?t=oD24HqonTH&a=cc_unsubscribe
|