bolt 0.5 release
This update has been submitted for testing by gicmo.
This update has been pushed to testing.
New SELinux denials with this release:
module my-boltd 1.0;
require { type boltd_t; type syslogd_var_run_t; type var_run_t; class sock_file write; class dir { add_name create write }; }
allow boltd_t syslogd_var_run_t:sock_file write; allow boltd_t var_run_t:dir { add_name create write };
Works great! LGTM! =)
Like @bojan, I'm getting new SELinux denials:
type=AVC msg=audit(1537751347.682:227): avc: denied { create } for pid=1617 comm="boltd" name="power" scontext=system_u:system_r:boltd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1
Bugs filed for SELinux denials: #1632354, #1632356, #1632357, #1632358
Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.
Just for the reference, I did already file https://bugzilla.redhat.com/show_bug.cgi?id=1632230 for denials related to "/run/bolt/"
same as @bojan and @dhgutteridge, causing SELInux denial.
works for me, don't use boltd though
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
Seeing the same SELinux denials as the others have noted
I don't have SELinux enable and it just worked for me.
WFM
Please login to add feedback.
Confirm request to re-trigger tests.
This update has been submitted for testing by gicmo.
This update has been pushed to testing.
New SELinux denials with this release:
module my-boltd 1.0;
require { type boltd_t; type syslogd_var_run_t; type var_run_t; class sock_file write; class dir { add_name create write }; }
============= boltd_t ==============
!!!! This avc is allowed in the current policy
allow boltd_t syslogd_var_run_t:sock_file write; allow boltd_t var_run_t:dir { add_name create write };
Works great! LGTM! =)
Like @bojan, I'm getting new SELinux denials:
Bugs filed for SELinux denials: #1632354, #1632356, #1632357, #1632358
Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.
Just for the reference, I did already file https://bugzilla.redhat.com/show_bug.cgi?id=1632230 for denials related to "/run/bolt/"
same as @bojan and @dhgutteridge, causing SELInux denial.
works for me, don't use boltd though
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
Seeing the same SELinux denials as the others have noted
I don't have SELinux enable and it just worked for me.
WFM