https://bugs.kde.org/show_bug.cgi?id=381384
--- Comment #1 from Tyson Tan <tyson...@mail.com> ---
Also, something crash exiting with similar SELinux notification:
SELinux is preventing abrt-hook-ccpp from 'getattr' accesses on the chr_file
/dev/dri/card0.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that abrt-hook-ccpp should be allowed getattr access on the
card0 chr_file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'abrt-hook-ccpp' --raw | audit2allow -M my-abrthookccpp
# semodule -X 300 -i my-abrthookccpp.pp
Additional Information:
Source Context system_u:system_r:abrt_dump_oops_t:s0
Target Context system_u:object_r:dri_device_t:s0
Target Objects /dev/dri/card0 [ chr_file ]
Source abrt-hook-ccpp
Source Path abrt-hook-ccpp
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.13.1-225.18.fc25.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 4.11.5-200.fc25.x86_64 #1 SMP Wed
Jun 14 17:17:29 UTC 2017 x86_64 x86_64
Alert Count 27
First Seen 2017-06-19 11:13:11 CST
Last Seen 2017-06-19 14:54:53 CST
Local ID 0e175d73-c270-489c-9234-4d9eedfbf1ec
Raw Audit Messages
type=AVC msg=audit(1497855293.654:230): avc: denied { getattr } for pid=4961
comm="abrt-hook-ccpp" path="/dev/dri/card0" dev="devtmpfs" ino=1723
scontext=system_u:system_r:abrt_dump_oops_t:s0
tcontext=system_u:object_r:dri_device_t:s0 tclass=chr_file permissive=0
Hash: abrt-hook-ccpp,abrt_dump_oops_t,dri_device_t,chr_file,getattr
--
You are receiving this mail because:
You are watching all bug changes.
