Description of problem: Version-Release number of selected component (if applicable): dictd-server-1.12.1-16.fc27.x86_64 selinux-policy-3.13.1-283.21.fc27.noarch selinux-policy-devel-3.13.1-283.21.fc27.noarch selinux-policy-targeted-3.13.1-283.21.fc27.noarch How reproducible: * always Steps to Reproduce: 1. get a Fedora27 machine (targeted policy is active) 2. install the dictd packages 3. start the dictd service 4. search for SELinux denials Actual results (enforcing mode): ---- type=AVC msg=audit(01/26/2018 09:58:45.937:1008) : avc: denied { write } for pid=6216 comm=dictd name=system_bus_socket dev="tmpfs" ino=16215 scontext=system_u:system_r:dictd_t:s0 tcontext=system_u:object_r:system_dbusd_var_run_t:s0 tclass=sock_file permissive=0 ---- Expected results: * no SELinux denials
Actual results (permissive mode): ---- type=USER_AVC msg=audit(01/26/2018 10:01:12.332:1015) : pid=400 uid=dbus auid=unset ses=unset subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=Hello dest=org.freedesktop.DBus spid=6288 scontext=system_u:system_r:dictd_t:s0 tcontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tclass=dbus permissive=1 exe=/usr/bin/dbus-daemon sauid=dbus hostname=? addr=? terminal=?' ---- type=USER_AVC msg=audit(01/26/2018 10:01:12.333:1016) : pid=400 uid=dbus auid=unset ses=unset subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.systemd1.Manager member=LookupDynamicUserByName dest=org.freedesktop.systemd1 spid=6288 tpid=1 scontext=system_u:system_r:dictd_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus permissive=1 exe=/usr/bin/dbus-daemon sauid=dbus hostname=? addr=? terminal=?' ---- type=USER_AVC msg=audit(01/26/2018 10:01:12.334:1017) : pid=400 uid=dbus auid=unset ses=unset subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied { send_msg } for msgtype=error error_name=org.freedesktop.systemd1.NoSuchDynamicUser dest=:1.95 spid=1 tpid=6288 scontext=system_u:system_r:init_t:s0 tcontext=system_u:system_r:dictd_t:s0 tclass=dbus permissive=1 exe=/usr/bin/dbus-daemon sauid=dbus hostname=? addr=? terminal=?' ---- type=AVC msg=audit(01/26/2018 10:01:12.331:1014) : avc: denied { write } for pid=6288 comm=dictd name=system_bus_socket dev="tmpfs" ino=16215 scontext=system_u:system_r:dictd_t:s0 tcontext=system_u:object_r:system_dbusd_var_run_t:s0 tclass=sock_file permissive=1 ----
commit fd5f8dee3e994fa4096818dfb82ec6ef2a99cb4e (HEAD -> fb-dictd-dbus, origin/fb-dictd-dbus) Author: Milos Malik <mmalik> Date: Mon Jun 11 16:01:32 2018 +0200 Enable the dictd to communicate via D-bus. resolves BZ#1539072
selinux-policy-3.13.1-284.37.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2018-4bb4de2d86
selinux-policy-3.13.1-284.37.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-4bb4de2d86
selinux-policy-3.13.1-284.37.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.