[vbox-dev] SELinux is preventing vboxdrv.sh from write access on the directory /etc/udev/rules.d.
Michael Thayer
michael.thayer at oracle.com
Thu Sep 8 06:36:46 UTC 2016
Hello Samuel,
Not sure if you the same person who filed the bug ticket<1>, but see the
update there about this.
Regards,
Michael
<1> https://www.virtualbox.org/ticket/15816
On 25.08.2016 10:11, Samuel Rakitničan wrote:
> Ping?
>
> 2016-07-24 17:46 GMT+02:00 Samuel Rakitničan
> <samuel.rakitnican at gmail.com <mailto:samuel.rakitnican at gmail.com>>:
>
> Hi,
>
> I have VirtualBox 5.1 installed from Oracle repository. This message
> popped just now when updating Fedora 24, I suppose DKMS kicked in.
> Basically vboxdrv.sh is trying to write udev rule file but fails due
> SELinux blocking it. Not sure if that was always the case or did that
> change just recently. What should be fixed?
>
>
> Regards,
> Samuel Rakitničan
>
> --
> Full SELinux report:
>
> SELinux is preventing vboxdrv.sh from write access on the directory
> /etc/udev/rules.d.
>
> ***** Plugin catchall (100. confidence)
> suggests **************************
>
> If you believe that vboxdrv.sh should be allowed write access on the
> rules.d directory by default.
> Then you should report this as a bug.
> You can generate a local policy module to allow this access.
> Do
> allow this access for now by executing:
> # ausearch -c 'vboxdrv.sh' --raw | audit2allow -M my-vboxdrvsh
> # semodule -X 300 -i my-vboxdrvsh.pp
>
> Additional Information:
> Source Context system_u:system_r:init_t:s0
> Target Context system_u:object_r:udev_rules_t:s0
> Target Objects /etc/udev/rules.d [ dir ]
> Source vboxdrv.sh
> Source Path vboxdrv.sh
> Port <Unknown>
> Host oldiemodern
> Source RPM Packages
> Target RPM Packages systemd-udev-229-8.fc24.x86_64
> Policy RPM selinux-policy-3.13.1-191.5.fc24.noarch
> Selinux Enabled True
> Policy Type targeted
> Enforcing Mode Enforcing
> Host Name oldiemodern
> Platform Linux oldiemodern 4.6.4-301.fc24.x86_64
> #1 SMP Tue
> Jul 12 11:50:00 UTC 2016 x86_64 x86_64
> Alert Count 4
> First Seen 2016-07-22 11:28:21 CEST
> Last Seen 2016-07-24 13:33:01 CEST
> Local ID 3ae2775f-c444-41c3-8d9c-a7a224274652
>
> Raw Audit Messages
> type=AVC msg=audit(1469359981.37:113): avc: denied { write }
> for pid=747 comm="vboxdrv.sh" name="rules.d" dev="md126p2"
> ino=201327272 scontext=system_u:system_r:init_t:s0
> tcontext=system_u:object_r:udev_rules_t:s0 tclass=dir permissive=0
>
>
> Hash: vboxdrv.sh,init_t,udev_rules_t,dir,write
>
>
>
>
> _______________________________________________
> vbox-dev mailing list
> vbox-dev at virtualbox.org
> https://www.virtualbox.org/mailman/listinfo/vbox-dev
>
--
Michael Thayer | VirtualBox engineer
ORACLE Deutschland B.V. & Co. KG | Werkstr. 24 | D-71384 Weinstadt
ORACLE Deutschland B.V. & Co. KG
Hauptverwaltung: Riesstraße 25, D-80992 München
Registergericht: Amtsgericht München, HRA 95603
Komplementärin: ORACLE Deutschland Verwaltung B.V.
Hertogswetering 163/167, 3543 AS Utrecht, Niederlande Handelsregister
der Handelskammer Midden-Nederland, Nr. 30143697
Geschäftsführer: Alexander van der Ven, Jan Schultheiss, Val Maher
More information about the vbox-dev
mailing list