Rawhide SELinux issues

[Paul Howarth <paul@xxxxxxxxxxxx>]

I have a Rawhide VM on which I'm seeing some strange issues.

Firstly, I'm getting some AVCs that I don't understand and can't get rid 
of using audit2allow:

type=AVC msg=audit(1341327661.200:69): avc:  denied  { 0x10 } for 
pid=537 comm="sssd_nss" capability=36 
scontext=system_u:system_r:sssd_t:s0 
tcontext=system_u:system_r:sssd_t:s0 tclass=capability2

(audit2allow doesn't output anything for this)

Secondly, I'm seeing denials for kernel_dgram_send for a wide variety of 
domains:

kernel_dgram_send(NetworkManager_t)
kernel_dgram_send(audisp_t)
kernel_dgram_send(auditd_t)
kernel_dgram_send(avahi_t)
kernel_dgram_send(chronyd_t)
kernel_dgram_send(dhcpc_t)
kernel_dgram_send(dnsmasq_t)
kernel_dgram_send(ftpd_t)
kernel_dgram_send(modemmanager_t)
kernel_dgram_send(nfsd_t)
kernel_dgram_send(rpcd_t)
kernel_dgram_send(sendmail_t)
kernel_dgram_send(setroubleshootd_t)
kernel_dgram_send(smf_spf_milter_t)
kernel_dgram_send(sshd_t)
kernel_dgram_send(sssd_t)
kernel_dgram_send(system_dbusd_t)
kernel_dgram_send(systemd_tmpfiles_t)

Is this something that needs adding to a basic domain template? Or 
should I not be getting these?

Paul.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux