View Issue Details

IDProjectCategoryView StatusLast Update
0015804CentOS-7selinux-policypublic2019-02-10 00:57
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0015804: SELinux is preventing /usr/sbin/bumblebeed from using the 'sigkill' accesses on a process.
DescriptionDescription of problem:
SELinux is preventing /usr/sbin/bumblebeed from using the 'sigkill' accesses on a process.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that bumblebeed should be allowed sigkill access on processes labeled xserver_t by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
allow this access for now by executing:
# ausearch -c 'bumblebeed' --raw | audit2allow -M my-bumblebeed
# semodule -i my-bumblebeed.pp

Additional Information:
Source Context system_u:system_r:bumblebee_t:s0
Target Context system_u:system_r:xserver_t:s0
Target Objects Unknown [ process ]
Source bumblebeed
Source Path /usr/sbin/bumblebeed
Port <Unknown>
Host (removed)
Source RPM Packages bumblebee-3.3.0-4.el7.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.13.1-229.el7_6.9.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Permissive
Host Name (removed)
Platform Linux (removed) 4.20.7-1.el7.elrepo.x86_64 #1 SMP
                              Wed Feb 6 13:17:46 EST 2019 x86_64 x86_64
Alert Count 1
First Seen 2019-02-09 11:51:53 EST
Last Seen 2019-02-09 11:51:53 EST
Local ID 3ba2df76-65e8-4c60-bafd-86754aa2675a

Raw Audit Messages
type=AVC msg=audit(1549731113.437:71746): avc: denied { sigkill } for pid=1319 comm="bumblebeed" scontext=system_u:system_r:bumblebee_t:s0 tcontext=system_u:system_r:xserver_t:s0 tclass=process permissive=1

type=SYSCALL msg=audit(1549731113.437:71746): arch=x86_64 syscall=kill success=yes exit=0 a0=1715 a1=9 a2=f4240 a3=7ffe74b62de0 items=0 ppid=1 pid=1319 auid=4294967295 uid=0 gid=1001 euid=0 suid=0 fsuid=0 egid=1001 sgid=1001 fsgid=1001 tty=(none) ses=4294967295 comm=bumblebeed exe=/usr/sbin/bumblebeed subj=system_u:system_r:bumblebee_t:s0 key=(null)

Hash: bumblebeed,bumblebee_t,xserver_t,process,sigkill

Version-Release number of selected component:
Additional Informationreporter: libreport-
hashmarkername: setroubleshoot
kernel: 4.20.7-1.el7.elrepo.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.


There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-02-10 00:57 wrthissell New Issue