Description of problem: SELinux is preventing chrony-helper from 'execute_no_trans' accesses on the soubor /usr/bin/chronyc. ***** Plugin catchall (100. confidence) suggests ************************** If pokud jste přesvědčeni, že má chrony-helper mít ve výchozím stavu přístup execute_no_trans na chronyc file. Then toto byste měli nahlásit jako chybu. Abyste přístup povolili, můžete vygenerovat lokální modul pravidel. Do prozatím tento přístup povolíte příkazy: # ausearch -c 'chrony-helper' --raw | audit2allow -M my-chronyhelper # semodule -X 300 -i my-chronyhelper.pp Additional Information: Source Context system_u:system_r:chronyd_t:s0 Target Context system_u:object_r:chronyc_exec_t:s0 Target Objects /usr/bin/chronyc [ file ] Source chrony-helper Source Path chrony-helper Port <Neznámé> Host (removed) Source RPM Packages Target RPM Packages chrony-3.2-1.fc28.x86_64 Policy RPM selinux-policy-3.13.1-300.fc28.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.13.9-300.fc27.x86_64 #1 SMP Mon Oct 23 13:41:58 UTC 2017 x86_64 x86_64 Alert Count 2 First Seen 2017-10-30 11:44:42 CET Last Seen 2017-10-30 11:45:52 CET Local ID 6e4b5942-f53b-4b91-b383-9111907d5d8d Raw Audit Messages type=AVC msg=audit(1509360352.990:560): avc: denied { execute_no_trans } for pid=1654 comm="chrony-helper" path="/usr/bin/chronyc" dev="dm-0" ino=3015059 scontext=system_u:system_r:chronyd_t:s0 tcontext=system_u:object_r:chronyc_exec_t:s0 tclass=file permissive=0 Hash: chrony-helper,chronyd_t,chronyc_exec_t,file,execute_no_trans Version-Release number of selected component: selinux-policy-3.13.1-300.fc28.noarch Additional info: component: selinux-policy reporter: libreport-2.9.2 hashmarkername: setroubleshoot kernel: 4.13.9-300.fc27.x86_64 type: libreport
Can you please fill in the Fixed In Version field?
Sure.