View Issue Details

IDProjectCategoryView StatusLast Update
0015733CentOS-7selinux-policypublic2019-01-23 03:05
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0015733: SELinux is preventing /usr/sbin/plymouthd from 'map' accesses on the chr_file /dev/fb0.
DescriptionDescription of problem:
SELinux is preventing /usr/sbin/plymouthd from 'map' accesses on the chr_file /dev/fb0.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that plymouthd should be allowed map access on the fb0 chr_file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
allow this access for now by executing:
# ausearch -c 'plymouthd' --raw | audit2allow -M my-plymouthd
# semodule -i my-plymouthd.pp

Additional Information:
Source Context system_u:system_r:plymouthd_t:s0
Target Context system_u:object_r:framebuf_device_t:s0
Target Objects /dev/fb0 [ chr_file ]
Source plymouthd
Source Path /usr/sbin/plymouthd
Port <Unknown>
Host (removed)
Source RPM Packages plymouth-0.8.9-0.31.20140113.el7.centos.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.13.1-229.el7_6.6.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-957.1.3.el7.x86_64 #1 SMP
                              Thu Nov 29 14:49:43 UTC 2018 x86_64 x86_64
Alert Count 310
First Seen 2019-01-01 00:09:59 +07
Last Seen 2019-01-21 17:56:22 +07
Local ID ba3501ef-ab79-48e0-a307-c7575b630f8c

Raw Audit Messages
type=AVC msg=audit(1548068182.224:1468910): avc: denied { map } for pid=12730 comm="plymouthd" path="/dev/fb0" dev="devtmpfs" ino=17809 scontext=system_u:system_r:plymouthd_t:s0 tcontext=system_u:object_r:framebuf_device_t:s0 tclass=chr_file permissive=0

type=SYSCALL msg=audit(1548068182.224:1468910): arch=x86_64 syscall=mmap success=no exit=EACCES a0=0 a1=2b1100 a2=2 a3=1 items=0 ppid=1 pid=12730 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=plymouthd exe=/usr/sbin/plymouthd subj=system_u:system_r:plymouthd_t:s0 key=(null)

Hash: plymouthd,plymouthd_t,framebuf_device_t,chr_file,map

Version-Release number of selected component:
Additional Informationreporter: libreport-
hashmarkername: setroubleshoot
kernel: 3.10.0-957.1.3.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.


There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-01-23 03:05 nuchan New Issue