78d42e648b
With the new "cgroup2" system added in kernel 4.5, systemd is getting selinux denials when manipulating the cgroup hierarchy. Pull request in systemd with cgroup2 support: https://github.com/systemd/systemd/pull/2903 AVC when writing process numbers to move them to the right cgroup: Mar 29 19:58:30 rawhide kernel: audit: type=1400 audit(1459295910.257:68): avc: denied { write } for pid=1 comm="systemd" name="cgroup.procs" dev="cgroup2" ino=6 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 In this case new filesystem "cgroup2" need to be labeled as cgroup_t. Signed-off-by: Lukas Vrabec <lvrabec@redhat.com> |
||
|---|---|---|
| .. | ||
| admin | ||
| apps | ||
| contrib@2552eba03b | ||
| kernel | ||
| roles | ||
| services | ||
| system | ||