Description of problem: SELinux is preventing systemd-user-ru from 'rmdir' accesses on the katalog services. ***** Plugin catchall (100. confidence) suggests ************************** Aby systemd-user-ru powinno mieć domyślnie rmdir dostęp do services directory. Then proszę to zgłosić jako błąd. Można utworzyć lokalny moduł polityki, aby umożliwić ten dostęp. Do można tymczasowo zezwolić na ten dostęp wykonując polecenia: # ausearch -c 'systemd-user-ru' --raw | audit2allow -M my-systemduserru # semodule -X 300 -i my-systemduserru.pp Additional Information: Source Context system_u:system_r:systemd_logind_t:s0 Target Context unconfined_u:object_r:tmpfs_t:s0 Target Objects services [ dir ] Source systemd-user-ru Source Path systemd-user-ru Port <Nieznane> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.14.2-42.fc29.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.18.16-300.fc29.x86_64 #1 SMP Sat Oct 20 23:24:08 UTC 2018 x86_64 x86_64 Alert Count 1 First Seen 2018-11-11 10:55:02 CET Last Seen 2018-11-11 10:55:02 CET Local ID 9a0877b2-f735-44bc-9a23-e10ab16245d0 Raw Audit Messages type=AVC msg=audit(1541930102.276:493): avc: denied { rmdir } for pid=18481 comm="systemd-user-ru" name="services" dev="tmpfs" ino=37149 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=unconfined_u:object_r:tmpfs_t:s0 tclass=dir permissive=0 Hash: systemd-user-ru,systemd_logind_t,tmpfs_t,dir,rmdir Version-Release number of selected component: selinux-policy-3.14.2-42.fc29.noarch Additional info: component: selinux-policy reporter: libreport-2.9.6 hashmarkername: setroubleshoot kernel: 4.18.17-300.fc29.x86_64 type: libreport
*** Bug 1648933 has been marked as a duplicate of this bug. ***
commit 26f96dfe0800dbec3af4b6fce5b223cda91e7a09 (HEAD -> rawhide) Author: Lukas Vrabec <lvrabec> Date: Thu Nov 22 10:59:38 2018 +0100 Allow systemd_logind_t domain to remove directories labeled as tmpfs_t BZ(1648636)
selinux-policy-3.14.2-44.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2018-0eac5b1bd7
A Fedora update associated with this bug has been pushed to the stable repository.