1647121 – systemd-user-ru not allowed read access on the dbus-1 directory

Bug 1647121 - systemd-user-ru not allowed read access on the dbus-1 directory

Summary: systemd-user-ru not allowed read access on the dbus-1 directory

Keywords:
Status:	CLOSED DUPLICATE of bug 1644313
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	29
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	low
Target Milestone:	---
Assignee:	Lukas Vrabec
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-11-06 17:25 UTC by Fabrizio
Modified:	2018-11-06 17:46 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-11-06 17:46:41 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Fabrizio 2018-11-06 17:25:25 UTC

Description of problem: Just after upgrade to Fedora 29 the SELinux alert pop-up at every boot


Version-Release number of selected component (if applicable): selinux-policy-3.14.2-40.fc29.noarch


Additional info:
SELinux impedisce a systemd-user-ru un accesso read su cartella dbus-1.
⏎
⏎
***** Plugin catchall(100. confidenza) suggerisce**************************

If you believe that systemd-user-ru should be allowed read access on the dbus-1 directory by default.
Quindi si dovrebbe riportare il problema come bug.
E' possibile generare un modulo di politica locale per consentire questo accesso.
Fai
allow this access for now by executing:
# ausearch -c 'systemd-user-ru' --raw | audit2allow -M my-systemduserru
# semodule -X 300 -i my-systemduserru.pp

Informazioni addizionali:
Contesto della sorgente       system_u:system_r:init_t:s0
Contesto target               unconfined_u:object_r:session_dbusd_tmp_t:s0
Oggetti target                dbus-1 [ dir ]
Sorgente                      systemd-user-ru
Percorso della sorgente       systemd-user-ru
Porta                         <Sconosciuto>
Host                          Host2
Sorgente Pacchetti RPM        
Pacchetti RPM target          
RPM della policy              selinux-policy-3.14.2-40.fc29.noarch
Selinux abilitato             True
Tipo di politica              targeted
Modalità Enforcing            Enforcing
Host Name                     Host2
Piattaforma                   Linux Host2 4.18.16-300.fc29.x86_64 #1 SMP Sat
                              Oct 20 23:24:08 UTC 2018 x86_64 x86_64
Conteggio avvisi              3
Primo visto                   2018-11-05 22:04:49 CET
Ultimo visto                  2018-11-06 18:06:55 CET
ID locale                     588f34f7-2f67-40cc-b872-070f164f40ef

Messaggi Raw Audit
type=AVC msg=audit(1541524015.519:247): avc:  denied  { read } for  pid=2002 comm="systemd-user-ru" name="dbus-1" dev="tmpfs" ino=28386 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=dir permissive=0


Hash: systemd-user-ru,init_t,session_dbusd_tmp_t,dir,read

Comment 1 Lukas Vrabec 2018-11-06 17:46:41 UTC


*** This bug has been marked as a duplicate of bug 1644313 ***

Note You need to log in before you can comment on or make changes to this bug.