Description of problem: SELinux is preventing geoclue from 'execute' accesses on the fichier 2F72756E2F73797374656D642F756E69742D726F6F742F746D702F666669636531474D53202864656C6574656429. ***** Plugin catchall (100. confidence) suggests ************************** Si vous pensez que geoclue devrait être autorisé à accéder execute sur 2F72756E2F73797374656D642F756E69742D726F6F742F746D702F666669636531474D53202864656C6574656429 file par défaut. Then vous devriez rapporter ceci en tant qu'anomalie. Vous pouvez générer un module de stratégie local pour autoriser cet accès. Do autoriser cet accès pour le moment en exécutant : # ausearch -c "geoclue" --raw | audit2allow -M my-geoclue # semodule -X 300 -i my-geoclue.pp Additional Information: Source Context system_u:system_r:geoclue_t:s0 Target Context system_u:object_r:geoclue_tmp_t:s0 Target Objects 2F72756E2F73797374656D642F756E69742D726F6F742F746D 702F666669636531474D53202864656C6574656429 [ file ] Source geoclue Source Path geoclue Port <Inconnu> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.14.2-32.fc29.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.18.5-300.fc29.x86_64 #1 SMP Fri Aug 24 17:16:35 UTC 2018 x86_64 x86_64 Alert Count 6 First Seen 2018-09-07 16:44:19 CEST Last Seen 2018-09-07 16:44:19 CEST Local ID 2763df38-0143-4e8b-9622-cdf54818e25f Raw Audit Messages type=AVC msg=audit(1536331459.798:374): avc: denied { execute } for pid=1880 comm="geoclue" path=2F72756E2F73797374656D642F756E69742D726F6F742F746D702F666669636531474D53202864656C6574656429 dev="tmpfs" ino=42524 scontext=system_u:system_r:geoclue_t:s0 tcontext=system_u:object_r:geoclue_tmp_t:s0 tclass=file permissive=0 Hash: geoclue,geoclue_t,geoclue_tmp_t,file,execute Version-Release number of selected component: selinux-policy-3.14.2-32.fc29.noarch Additional info: component: selinux-policy reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.18.5-300.fc29.x86_64 type: libreport Potential duplicate: bug 1625000
*** Bug 1625000 has been marked as a duplicate of this bug. ***
I still see it with selinux-policy-3.14.2-34.fc29.noarch type=AVC msg=audit(1536703720.778:241): avc: denied { execute } for pid=1594 comm="geoclue" path=2F746D702F666669537678706C70202864656C6574656429 dev="tmpfs" ino=46438 scontext=system_u:system_r:geoclue_t:s0 tcontext=system_u:object_r:geoclue_tmp_t:s0 tclass=file permissive=1
(In reply to Chris Murphy from comment #2) > I still see it with selinux-policy-3.14.2-34.fc29.noarch > > type=AVC msg=audit(1536703720.778:241): avc: denied { execute } for > pid=1594 comm="geoclue" > path=2F746D702F666669537678706C70202864656C6574656429 dev="tmpfs" ino=46438 > scontext=system_u:system_r:geoclue_t:s0 > tcontext=system_u:object_r:geoclue_tmp_t:s0 tclass=file permissive=1 I still see this along with https://bugzilla.redhat.com/show_bug.cgi?id=1625632
To be clear, I meant I still see both of those issues with selinux-policy-3.14.2-34.fc29.noarch
Description of problem: This occurs at the moment of login on GNOME Shell (Wayland) Version-Release number of selected component: selinux-policy-3.14.2-34.fc29.noarch Additional info: reporter: libreport-2.9.5 hashmarkername: setroubleshoot kernel: 4.18.7-300.fc29.x86_64 type: libreport
selinux-policy-3.14.2-35.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2018-d4ddac7543
selinux-policy-3.14.2-35.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-d4ddac7543
selinux-policy-3.14.2-35.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.