[Bugs] [Bug 1212923] [SELinux] [Snapshot] - Gluster/Snapshot creation fails when selinux is in Enforcing mode on RHEL-7.1
bugzilla at redhat.com
bugzilla at redhat.com
Tue Jun 16 11:20:33 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=1212923
--- Comment #27 from senaik at redhat.com ---
Executed the following commands and tried few more snapshot operations faced
below avc denials:
semanage fcontext -a -t fsadm_exec_t /usr/sbin/xfs_db
restorecon -Rv /usr/sbin
restorecon -v /dev/log
grep "AVC" /var/log/audit/audit.log
type=USER_AVC msg=audit(1434468618.176:4239): pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: received policyload
notice (seqno=10) exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=?
terminal=?'
type=AVC msg=audit(1434468674.231:4356): avc: denied { getattr } for
pid=15490 comm="glusterd" path="/dev/dm-23" dev="devtmpfs" ino=2083192
scontext=system_u:system_r:glusterd_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file
[root at rhsqe-vm07 audit]# cat audit.log |audit2allow
#============= glusterd_t ==============
allow glusterd_t fixed_disk_device_t:blk_file getattr;
rpm -qa |grep selinux
selinux-policy-3.13.1-27.el7.noarch
selinux-policy-targeted-3.13.1-27.el7.noarch
libselinux-2.2.2-6.el7.x86_64
libselinux-utils-2.2.2-6.el7.x86_64
libselinux-python-2.2.2-6.el7.x86_64
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=vzpB2DrngF&a=cc_unsubscribe
More information about the Bugs
mailing list