Attempted an install of Fedora 20 Beta using Gnome Boxes. Install appeared to work but the image would not boot. We see the following avc logged: time->Wed Nov 13 18:42:44 2013 type=SYSCALL msg=audit(1384396964.830:7237): arch=c000003e syscall=101 success=no exit=-13 a0=10 a1=2873 a2=0 a3=0 items=0 ppid=11756 pid=11762 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 ses=887 tty=(none) comm="gdb" exe="/usr/bin/gdb" subj=unconfined_u:system_r:svirt_t:s0:c320,c528 key=(null) type=AVC msg=audit(1384396964.830:7237): avc: denied { ptrace } for pid=11762 comm="gdb" scontext=unconfined_u:system_r:svirt_t:s0:c320,c528 tcontext=unconfined_u:system_r:svirt_t:s0:c320,c528 tclass=process
Dne 14.11.2013 04:02, David Highley napsal(a):
Attempted an install of Fedora 20 Beta using Gnome Boxes. Install appeared to work but the image would not boot. We see the following avc logged: time->Wed Nov 13 18:42:44 2013 type=SYSCALL msg=audit(1384396964.830:7237): arch=c000003e syscall=101 success=no exit=-13 a0=10 a1=2873 a2=0 a3=0 items=0 ppid=11756 pid=11762 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 ses=887 tty=(none) comm="gdb" exe="/usr/bin/gdb" subj=unconfined_u:system_r:svirt_t:s0:c320,c528 key=(null) type=AVC msg=audit(1384396964.830:7237): avc: denied { ptrace } for pid=11762 comm="gdb" scontext=unconfined_u:system_r:svirt_t:s0:c320,c528 tcontext=unconfined_u:system_r:svirt_t:s0:c320,c528 tclass=process -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
David, could you run it in permissive mode and see what is blowing up?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 11/13/2013 10:02 PM, David Highley wrote:
Attempted an install of Fedora 20 Beta using Gnome Boxes. Install appeared to work but the image would not boot. We see the following avc logged: time->Wed Nov 13 18:42:44 2013 type=SYSCALL msg=audit(1384396964.830:7237): arch=c000003e syscall=101 success=no exit=-13 a0=10 a1=2873 a2=0 a3=0 items=0 ppid=11756 pid=11762 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 ses=887 tty=(none) comm="gdb" exe="/usr/bin/gdb" subj=unconfined_u:system_r:svirt_t:s0:c320,c528 key=(null) type=AVC msg=audit(1384396964.830:7237): avc: denied { ptrace } for pid=11762 comm="gdb" scontext=unconfined_u:system_r:svirt_t:s0:c320,c528 tcontext=unconfined_u:system_r:svirt_t:s0:c320,c528 tclass=process -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
I think this is more the affect then the cause. the vm is crashing and trying to launch gdm to diagnose it, which SELinux blocks. We have seen this before and no one knows why gdm is being launched.
If you run in permissive mode, I would figure it would still fail.
selinux@lists.fedoraproject.org