<div dir="ltr">Ping?<br></div><div class="gmail_extra"><br><div class="gmail_quote">2016-07-24 17:46 GMT+02:00 Samuel Rakitničan <span dir="ltr"><<a href="mailto:samuel.rakitnican@gmail.com" target="_blank">samuel.rakitnican@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
I have VirtualBox 5.1 installed from Oracle repository. This message<br>
popped just now when updating Fedora 24, I suppose DKMS kicked in.<br>
Basically vboxdrv.sh is trying to write udev rule file but fails due<br>
SELinux blocking it. Not sure if that was always the case or did that<br>
change just recently. What should be fixed?<br>
<br>
<br>
Regards,<br>
Samuel Rakitničan<br>
<br>
--<br>
Full SELinux report:<br>
<br>
SELinux is preventing vboxdrv.sh from write access on the directory<br>
/etc/udev/rules.d.<br>
<br>
***** Plugin catchall (100. confidence)<br>
suggests *******************<wbr>*******<br>
<br>
If you believe that vboxdrv.sh should be allowed write access on the<br>
rules.d directory by default.<br>
Then you should report this as a bug.<br>
You can generate a local policy module to allow this access.<br>
Do<br>
allow this access for now by executing:<br>
# ausearch -c 'vboxdrv.sh' --raw | audit2allow -M my-vboxdrvsh<br>
# semodule -X 300 -i my-vboxdrvsh.pp<br>
<br>
Additional Information:<br>
Source Context system_<wbr>u:system_r:init_t:s0<br>
Target Context system_<wbr>u:object_r:udev_rules_t:s0<br>
Target Objects /etc/<wbr>udev/rules.d [ dir ]<br>
Source <wbr>vboxdrv.sh<br>
Source Path <wbr>vboxdrv.sh<br>
Port <wbr><Unknown><br>
Host <wbr>oldiemodern<br>
Source RPM Packages <br>
Target RPM Packages systemd-<wbr>udev-229-8.fc24.x86_64<br>
Policy RPM <wbr>selinux-policy-3.13.1-191.5.<wbr>fc24.noarch<br>
Selinux Enabled True<br>
Policy Type <wbr>targeted<br>
Enforcing Mode Enforcing<br>
Host Name <wbr>oldiemodern<br>
Platform <wbr>Linux oldiemodern 4.6.4-301.fc24.x86_64<br>
#1 SMP Tue<br>
<wbr>Jul 12 11:50:00 UTC 2016 x86_64 x86_64<br>
Alert Count 4<br>
First Seen 2016-<wbr>07-22 11:28:21 CEST<br>
Last Seen 2016-<wbr>07-24 13:33:01 CEST<br>
Local ID <wbr>3ae2775f-c444-41c3-8d9c-<wbr>a7a224274652<br>
<br>
Raw Audit Messages<br>
type=AVC msg=audit(1469359981.37:113): avc: denied { write }<br>
for pid=747 comm="vboxdrv.sh" name="rules.d" dev="md126p2"<br>
ino=201327272 scontext=system_u:system_r:<wbr>init_t:s0<br>
tcontext=system_u:object_r:<wbr>udev_rules_t:s0 tclass=dir permissive=0<br>
<br>
<br>
Hash: vboxdrv.sh,init_t,udev_rules_<wbr>t,dir,write<br>
</blockquote></div><br></div>