View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0014360||CentOS-7||selinux-policy||public||2018-01-11 07:05||2018-01-11 07:05|
|Priority||normal||Severity||minor||Reproducibility||have not tried|
|Target Version||Fixed in Version|
|Summary||0014360: Targeted policy inhibits use of tmpfiles in /run by many systemd services|
|Description||After turning on enforcing the default targeted policy many systemd services fail to start upon reboot. The services fail to start reporting Permission denied.|
Having collected the reports with audit2allow I can see that a number of policy rules regarding the use of systemd_logind_inhibit_var_run_t are missing.
As a result many services would not start on boot. Specific services affected were:
* rsyslog syslogd
* nginx httpd
|Steps To Reproduce||1. Turn on SELinux state to Enforcing with Targeted security policy in /etc/selinux/config.|
|Additional Information||This popped up after kernel upgrade and I am not familiar enough with CentOS to tell if this is a glitch caused by mistreatment of this particular host or indeed a defect in the selinux-policy.|
Attached is the list of rules that I compiled using audit2allow to make the system boot without errors.
|Tags||No tags attached.|