Re: Migrated to F24

[Robert Moskowitz <rgm@xxxxxxxxxxxxxxx>]

On 08/11/2016 04:50 PM, Rami Rosen wrote:

Hi, Robert
Can you please post the SELinux errors you got ?

The 5 error details are quite long.  Let me give just the first few lines:

=============

SELinux is preventing (uetoothd) from mounton access on the directory /etc.

*****  Plugin catchall_labels (83.8 confidence) suggests   *******************

If you want to allow (uetoothd) to have mounton access on the etc directory
Then you need to change the label on /etc
Do
# semanage fcontext -a -t FILE_TYPE '/etc'


=============

SELinux is preventing lightdm from write access on the file .xsession-errors.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that lightdm should be allowed write access on the .xsession-errors file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'lightdm' --raw | audit2allow -M my-lightdm
# semodule -X 300 -i my-lightdm.pp


=============

SELinux is preventing lightdm from rename access on the file .xsession-errors.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that lightdm should be allowed rename access on the .xsession-errors file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'lightdm' --raw | audit2allow -M my-lightdm
# semodule -X 300 -i my-lightdm.pp


=============

SELinux is preventing systemd-logind from getattr access on the file /dev/shm/lldpad.state.

*****  Plugin restorecon (99.5 confidence) suggests   ************************

If you want to fix the label.
/dev/shm/lldpad.state default label should be lldpad_tmpfs_t.
Then you can run restorecon.
Do
# /sbin/restorecon -v /dev/shm/lldpad.state

*****  Plugin catchall (1.49 confidence) suggests   **************************

If you believe that systemd-logind should be allowed getattr access on the lldpad.state file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'systemd-logind' --raw | audit2allow -M my-systemdlogind
# semodule -X 300 -i my-systemdlogind.pp


=============

SELinux is preventing accounts-daemon from write access on the directory root.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that accounts-daemon should be allowed write access on the root directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'accounts-daemon' --raw | audit2allow -M my-accountsdaemon
# semodule -X 300 -i my-accountsdaemon.pp


=============

I have not tried any of the suggestions.  As I don't know if they are valid or what...

And second: by migrating to 24 I assume that you mean that you upgraded from older fedora, using dnf upgrade tools ? Or did you install Fedora 24 from scratch, overriding existing installation ?

Regards,
Rami Rosen

בתאריך 11 באוג 2016 23:29, "Robert Moskowitz" <rgm@xxxxxxxxxxxxxxx> כתב:

I have switched over to the new system with F24.  With a couple open items.

I am getting SELinux errors, related to the desktop environment mess up at login time.  Of course my practice is that occurs maybe once a month.  I will wait to see how work goes on the reported bugs.

It may have been related to the desktop problems or just the way things are organized, but system-config-printer was not installed and it took me a bit to realize what I was missing to get my printer set up.  But that is done.

QEMU is working as needed after a bit of messing around to get the right rpms installed.


Lots of odds and ends to sort out, but at least current for the next year.  Maybe for next year I will look at something up from my Lenovo x120e (same size, kybd pointer, price, but better).

--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://lists.fedoraproject.org/admin/lists/users@xxxxxxxxxxraproject.org
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://lists.fedoraproject.org/admin/lists/users@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://lists.fedoraproject.org/admin/lists/users@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org