Description of problem: SELinux is preventing systemd-logind from read, write, open access on the file /run/systemd/shutdown/.#scheduledPlE1Q9. ***** Plugin catchall (100. confidence) suggests ************************** If você acredita que o systemd-logind deva ser permitido acesso de read write open em .#scheduledPlE1Q9 file por default. Then você precisa reportar este como um erro. Você pode gerar um módulo de política local para permitir este acesso. Do permitir este acesso agora executando: # grep systemd-logind /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:systemd_logind_t:s0 Target Context system_u:object_r:init_var_run_t:s0 Target Objects /run/systemd/shutdown/.#scheduledPlE1Q9 [ file ] Source systemd-logind Source Path systemd-logind Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-152.fc23.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 4.2.5-300.fc23.x86_64 #1 SMP Tue Oct 27 04:29:56 UTC 2015 x86_64 x86_64 Alert Count 1 First Seen 2015-11-06 03:37:46 BRST Last Seen 2015-11-06 03:37:46 BRST Local ID 98372616-f82e-4d3b-b4e9-718347149c20 Raw Audit Messages type=AVC msg=audit(1446788266.910:622): avc: denied { read write open } for pid=757 comm="systemd-logind" path="/run/systemd/shutdown/.#scheduledPlE1Q9" dev="tmpfs" ino=279971 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=file permissive=1 Hash: systemd-logind,systemd_logind_t,init_var_run_t,file,read,write,open Version-Release number of selected component: selinux-policy-3.13.1-152.fc23.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.5-300.fc23.x86_64 type: libreport
*** Bug 1278658 has been marked as a duplicate of this bug. ***
*** Bug 1278660 has been marked as a duplicate of this bug. ***
*** Bug 1278666 has been marked as a duplicate of this bug. ***
*** Bug 1278657 has been marked as a duplicate of this bug. ***
Could you please add your reproducer for this issue? Thank you.
Hello, thank you for helping. These are the steps: 1- Put SELinux in permissive mode and reboot; 2- Login as a ordinary user and run a scheduled shutdown (sudo shutdown -h 10:00, for example); When SELinux is in enforcing mode, I've not found any warning, but shutdown fails and ignore the TIME parameter, shutting down the system immediately. So to get these warnings SELinux need to be in permissive mode.
It may be useful to see https://bugzilla.redhat.com/show_bug.cgi?id=1277987. It's another warning from SELinux I've received while trying to shutdown the machine with a TIME argument, so it could provide more information, or just can be marked as DUPLICATE of this issue.
*** This bug has been marked as a duplicate of bug 1277987 ***