Description of problem:
SELinux is preventing (geoclue) from 'execute_no_trans' accesses on the file /usr/libexec/geoclue.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that (geoclue) should be allowed execute_no_trans access on the geoclue file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c '(geoclue)' --raw | audit2allow -M my-geoclue
# semodule -X 300 -i my-geoclue.pp
Additional Information:
Source Context system_u:system_r:init_t:s0
Target Context system_u:object_r:geoclue_exec_t:s0
Target Objects /usr/libexec/geoclue [ file ]
Source (geoclue)
Source Path (geoclue)
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages geoclue2-2.4.10-1.fc29.x86_64
Policy RPM selinux-policy-3.14.2-16.fc29.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 4.17.0-0.rc3.git2.1.fc29.x86_64 #1
SMP Wed May 2 16:56:55 UTC 2018 x86_64 x86_64
Alert Count 1
First Seen 2018-05-05 11:21:58 +05
Last Seen 2018-05-05 11:21:58 +05
Local ID 91fdc8db-4f7c-4fcd-abc6-728cb0776756
Raw Audit Messages
type=AVC msg=audit(1525501318.483:366): avc: denied { execute_no_trans } for pid=22696 comm="(geoclue)" path="/usr/libexec/geoclue" dev="sda1" ino=2102999 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:geoclue_exec_t:s0 tclass=file permissive=0
Hash: (geoclue),init_t,geoclue_exec_t,file,execute_no_trans
Version-Release number of selected component:
selinux-policy-3.14.2-16.fc29.noarch
Additional info:
component: selinux-policy
reporter: libreport-2.9.5
hashmarkername: setroubleshoot
kernel: 4.17.0-0.rc3.git2.1.fc29.x86_64
type: libreport
Comment 3Fedora Update System
2018-09-12 02:57:36 UTC
selinux-policy-3.14.2-34.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.
Description of problem:
at the boot whithout doing anything I have this alert
Version-Release number of selected component:
selinux-policy-3.14.2-48.fc29.noarch
Additional info:
reporter: libreport-2.10.0
hashmarkername: setroubleshoot
kernel: 4.13.9-300.fc27.x86_64
type: libreport