Hi All,
Fedroa 39 and 41 maybe.
I am throwing the follow selinux error:
If you want to allow daemon-init to have watch
access on the mdevctl.d directory Then you need to
change the label on /etc/mdevctl.d
Do
# semanage fcontext -a -t FILE_TYPE '/etc/mdevctl.d'
where FILE_TYPE is one of the following: mdevctl_conf_t,
virt_cache_t, virt_common_var_run_t, virt_etc_rw_t,
virt_var_run_t, virtnodedevd_t, virtnodedevd_var_run_t.
Then execute:
restorecon -v '/etc/mdevctl.d'
Problem: How am I suppose to know what file type
is in question of the seven presented?
Then it goes on to say:
Do allow this access for now by executing:
# ausearch -c 'daemon-init' --raw | audit2allow -M my-daemoninit
# semodule -X 300 -i my-daemoninit.pp
And that gives:
# ausearch -c 'daemon-init' --raw | audit2allow -M my-daemoninit
******************** IMPORTANT ***********************
To make this policy package active, execute:
semodule -i my-daemoninit.pp
# semodule -X 300 -i my-daemoninit.pp
Failed to resolve typeattributeset statement at
/var/lib/selinux/targeted/tmp/modules/200/snappy/cil:223
Failed to resolve AST
semodule: Failed!
??????????????????????
Yours in frustration,
-T