Description of problem: SELinux is preventing (atd) from 'connectto' accesses on the unix_stream_socket /run/systemd/journal/stdout. ***** Plugin catchall (100. confidence) suggests ************************** If si crede che (atd) dovrebbe avere possibilità di accesso connectto sui stdout unix_stream_socket in modo predefinito. Then si dovrebbe riportare il problema come bug. E' possibile generare un modulo di politica locale per consentire questo accesso. Do allow this access for now by executing: # ausearch -c '(atd)' --raw | audit2allow -M my-atd # semodule -X 300 -i my-atd.pp Additional Information: Source Context system_u:system_r:init_t:s0 Target Context system_u:system_r:kernel_t:s0 Target Objects /run/systemd/journal/stdout [ unix_stream_socket ] Source (atd) Source Path (atd) Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-236.fc26.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.10.0-0.rc6.git0.1.fc26.x86_64 #1 SMP Mon Jan 30 14:41:19 UTC 2017 x86_64 x86_64 Alert Count 1 First Seen 2017-02-03 18:40:23 CET Last Seen 2017-02-03 18:40:23 CET Local ID 94d25d8f-1a3a-440a-bd64-fa3e266e8444 Raw Audit Messages type=AVC msg=audit(1486143623.812:244): avc: denied { connectto } for pid=2957 comm="(atd)" path="/run/systemd/journal/stdout" scontext=system_u:system_r:init_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 Hash: (atd),init_t,kernel_t,unix_stream_socket,connectto Version-Release number of selected component: selinux-policy-3.13.1-236.fc26.noarch Additional info: component: selinux-policy reporter: libreport-2.9.0 hashmarkername: setroubleshoot kernel: 4.10.0-0.rc6.git0.1.fc26.x86_64 type: libreport
This bug appears to have been reported against 'rawhide' during the Fedora 26 development cycle. Changing version to '26'.