Hi,
I have VirtualBox 5.1 installed from Oracle repository. This message
popped just now when updating Fedora 24, I suppose DKMS kicked in.
Basically vboxdrv.sh is trying to write udev rule file but fails due
SELinux blocking it. Not sure if that was always the case or did that
change just recently. What should be fixed?
Regards,
Samuel Rakitničan
--
Full SELinux report:
SELinux is preventing vboxdrv.sh from write access on the directory
/etc/udev/rules.d.
***** Plugin catchall (100. confidence)
suggests **************************
If you believe that vboxdrv.sh should be allowed write access on the
rules.d directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'vboxdrv.sh' --raw | audit2allow -M my-vboxdrvsh
# semodule -X 300 -i my-vboxdrvsh.pp
Additional Information:
Source Context system_u:system_r:init_t:s0
Target Context system_u:object_r:udev_rules_t:s0
Target Objects /etc/udev/rules.d [ dir ]
Source vboxdrv.sh
Source Path vboxdrv.sh
Port <Unknown>
Host oldiemodern
Source RPM Packages
Target RPM Packages systemd-udev-229-8.fc24.x86_64
Policy RPM selinux-policy-3.13.1-191.5.fc24.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name oldiemodern
Platform Linux oldiemodern 4.6.4-301.fc24.x86_64
#1 SMP Tue
Jul 12 11:50:00 UTC 2016 x86_64 x86_64
Alert Count 4
First Seen 2016-07-22 11:28:21 CEST
Last Seen 2016-07-24 13:33:01 CEST
Local ID 3ae2775f-c444-41c3-8d9c-a7a224274652
Raw Audit Messages
type=AVC msg=audit(1469359981.37:113): avc: denied { write }
for pid=747 comm="vboxdrv.sh" name="rules.d" dev="md126p2"
ino=201327272 scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:udev_rules_t:s0 tclass=dir permissive=0
Hash: vboxdrv.sh,init_t,udev_rules_t,dir,write
_______________________________________________
vbox-dev mailing list
vbox-dev@virtualbox.org
https://www.virtualbox.org/mailman/listinfo/vbox-dev
