Description of problem: This happened when starting firefox in a sandbox: sandbox -t sandbox_web_t -w 900q690 -X firefox 'some-url.com' SELinux is preventing dbus-daemon from 'connectto' accesses on the unix_stream_socket /run/systemd/journal/stdout. ***** Plugin catchall (100. confidence) suggests ************************** If sie denken, dass es dbus-daemon standardmässig erlaubt sein sollte, connectto Zugriff auf stdout unix_stream_socket zu erhalten. Then sie sollten dies als Fehler melden. Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen. Do zugriff jetzt erlauben, indem Sie die nachfolgenden Befehle ausführen: # grep dbus-daemon /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:sandbox_web_t:s0:c257,c4 67 Target Context system_u:system_r:kernel_t:s0 Target Objects /run/systemd/journal/stdout [ unix_stream_socket ] Source dbus-daemon Source Path dbus-daemon Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-128.18.fc22.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.2.3-200.fc22.x86_64 #1 SMP Thu Oct 8 03:23:55 UTC 2015 x86_64 x86_64 Alert Count 3 First Seen 2015-10-29 14:44:56 CET Last Seen 2015-10-29 14:44:57 CET Local ID 2085871f-653b-43ea-a65b-550b6df625d1 Raw Audit Messages type=AVC msg=audit(1446126297.4:546): avc: denied { connectto } for pid=2956 comm="dbus-daemon" path="/run/systemd/journal/stdout" scontext=unconfined_u:unconfined_r:sandbox_web_t:s0:c257,c467 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 Hash: dbus-daemon,sandbox_web_t,kernel_t,unix_stream_socket,connectto Version-Release number of selected component: selinux-policy-3.13.1-128.18.fc22.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.3-200.fc22.x86_64 type: libreport
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.