hi guys
I have a few Centos 7.6 boxes and one would not let numad start showing:
...
Was caused by: Missing type enforcement (TE) allow rule. You can use audit2allow to generate a loadable module to allow this access. type=AVC msg=audit(1559226205.999:2396605): avc: denied { unix_read } for pid=61553 comm="numad" key=-559038737 scontext=system_u:system_r:numad_t:s0 tcontext=system_u:system_r:virtd_lxc_t:s0-s0:c0.c1023 tclass=msgq permissive=0 Was caused by: Missing type enforcement (TE) allow rule. You can use audit2allow to generate a loadable module to allow this access. type=AVC msg=audit(1559226205.999:2396606): avc: denied { unix_read } for pid=61553 comm="numad" key=-559038737 scontext=system_u:system_r:numad_t:s0 tcontext=system_u:system_r:virtd_lxc_t:s0-s0:c0.c1023 tclass=msgq permissive=0 Was caused by: Missing type enforcement (TE) allow rule. You can use audit2allow to generate a loadable module to allow this access. type=AVC msg=audit(1559226206.000:2396607): avc: denied { unix_read } for pid=61553 comm="numad" key=-559038737 scontext=system_u:system_r:numad_t:s0 tcontext=system_u:system_r:virtd_lxc_t:s0-s0:c0.c1023 tclass=msgq permissive=0 Was caused by: Missing type enforcement (TE) allow rule. You can use audit2allow to generate a loadable module to allow this access
--end
How would that one box be different? Am I missing some boolean(s)?
many thanks, L.
selinux@lists.fedoraproject.org