Bug 2209664
| Summary: | SELinux is preventing rpcd_winreg from connectto access on the unix_stream_socket /run/systemd/userdb/io.systemd.Machine. | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Enrique Alonso <enrique.alonso> |
| Component: | selinux-policy | Assignee: | Zdenek Pytela <zpytela> |
| Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 38 | CC: | dwalsh, lvrabec, mmalik, nknazeko, omosnacek, pkoncity, vmojzis, zpytela |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2023-05-24 12:59:30 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** This bug has been marked as a duplicate of bug 2208845 *** |
I cannot access from a Windows machine to a Samba shared printer in a Fedora 38 Server, joined to an Active Directory using Samba + Winbind. The SELinux audit log is showing: type=AVC msg=audit(1684912507.200:888): avc: denied { connectto } for pid=25101 comm="rpcd_spoolss" path="/run/systemd/userdb/io.systemd.Machine" scontext=system_u:system_r:winbind_rpcd_t:s0 tcontext=system_u:system_r:systemd_machined_t:s0 tclass=unix_stream_socket permissive=0 Reproducible: Always