DescriptionAdam Williamson
2017-08-18 22:36:43 UTC
Description of problem:
Happened during normal system use, not sure of a specific trigger.
SELinux is preventing systemd-logind from 'read' accesses on the directory dbus-1.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that systemd-logind should be allowed read access on the dbus-1 directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'systemd-logind' --raw | audit2allow -M my-systemdlogind
# semodule -X 300 -i my-systemdlogind.pp
Additional Information:
Source Context system_u:system_r:systemd_logind_t:s0
Target Context unconfined_u:object_r:session_dbusd_tmp_t:s0
Target Objects dbus-1 [ dir ]
Source systemd-logind
Source Path systemd-logind
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.13.1-272.fc27.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 4.13.0-0.rc5.git2.1.fc27.x86_64 #1
SMP Wed Aug 16 17:23:51 UTC 2017 x86_64 x86_64
Alert Count 1
First Seen 2017-08-18 11:19:52 PDT
Last Seen 2017-08-18 11:19:52 PDT
Local ID 422d22a6-e664-4110-af85-b6211056775e
Raw Audit Messages
type=AVC msg=audit(1503080392.709:534): avc: denied { read } for pid=1073 comm="systemd-logind" name="dbus-1" dev="tmpfs" ino=38606 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=dir permissive=0
Hash: systemd-logind,systemd_logind_t,session_dbusd_tmp_t,dir,read
Version-Release number of selected component:
selinux-policy-3.13.1-272.fc27.noarch
Additional info:
component: selinux-policy
reporter: libreport-2.9.1
hashmarkername: setroubleshoot
kernel: 4.13.0-0.rc5.git2.1.fc27.x86_64
type: libreport
Potential duplicate: bug 1481300
Description of problem: Happened during normal system use, not sure of a specific trigger. SELinux is preventing systemd-logind from 'read' accesses on the directory dbus-1. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that systemd-logind should be allowed read access on the dbus-1 directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'systemd-logind' --raw | audit2allow -M my-systemdlogind # semodule -X 300 -i my-systemdlogind.pp Additional Information: Source Context system_u:system_r:systemd_logind_t:s0 Target Context unconfined_u:object_r:session_dbusd_tmp_t:s0 Target Objects dbus-1 [ dir ] Source systemd-logind Source Path systemd-logind Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-272.fc27.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.13.0-0.rc5.git2.1.fc27.x86_64 #1 SMP Wed Aug 16 17:23:51 UTC 2017 x86_64 x86_64 Alert Count 1 First Seen 2017-08-18 11:19:52 PDT Last Seen 2017-08-18 11:19:52 PDT Local ID 422d22a6-e664-4110-af85-b6211056775e Raw Audit Messages type=AVC msg=audit(1503080392.709:534): avc: denied { read } for pid=1073 comm="systemd-logind" name="dbus-1" dev="tmpfs" ino=38606 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=dir permissive=0 Hash: systemd-logind,systemd_logind_t,session_dbusd_tmp_t,dir,read Version-Release number of selected component: selinux-policy-3.13.1-272.fc27.noarch Additional info: component: selinux-policy reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.13.0-0.rc5.git2.1.fc27.x86_64 type: libreport Potential duplicate: bug 1481300