Description of problem: Fresh install F28, tried to connect Thinkpad Thunderbolt3 dock, was not able to authorize the device in gnome or boltctl. Tried as a user, sudoer and root. With setenforce 0, all works well. journalctl: Sep 04 16:41:20 localhost.localdomain audit[4075]: CRED_DISP pid=4075 uid=0 auid=1000 ses=3 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_fprintd acct="root> Sep 04 16:41:20 localhost.localdomain audit[4075]: USER_END pid=4075 uid=0 auid=1000 ses=3 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pa> Sep 04 16:41:20 localhost.localdomain sudo[4075]: pam_unix(sudo:session): session closed for user root Sep 04 16:40:55 localhost.localdomain audit[1039]: USER_AVC pid=1039 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied { send_msg } for msgtype=method> exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?' Sep 04 16:40:55 localhost.localdomain audit[1039]: USER_AVC pid=1039 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied { send_msg } for msgtype=method> exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?' Version-Release number of selected component (if applicable): 4.17.19-200.fc28.x86_64 bolt-0.4-1.fc28.x86_64 How reproducible: 100% Steps to Reproduce: 1.try to authorize a tb3 dock Actual results: timeout Expected results: authorization successful
Hi, Could you please reproduce your issue and attach output of: # ausearch -m USER_AVC -ts recent THanks, Lukas.
Created attachment 1481057 [details] ausearch -m USER_AVC -ts recent
selinux-policy-3.14.1-42.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-2d1b09d217
*** Bug 1625786 has been marked as a duplicate of this bug. ***
Works well with selinux-policy-3.14.1-42.fc28. Thanks!
selinux-policy-3.14.1-42.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-2d1b09d217
selinux-policy-3.14.1-42.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.
Confirmed fixed with selinux-policy-3.14.2-32.fc29.noarch
Just installed F29 on my Thinkpad T480s and Thunderbolt 3 docking station. bolt service is not starting unless SELinux is in permissive mode. Name : selinux-policy Version : 3.14.2 Release : 36.fc29
Disregard my previous comment, I wasn't fully updated. Fixed with: Name : selinux-policy Version : 3.14.2 Release : 37.fc29