Description of problem: I can't reopen https://bugzilla.redhat.com/show_bug.cgi?id=1398849 so I'm creating new bug for Fedora 29 ***** Plugin catchall (100. confidence) suggests ************************** If you believe that tumblerd should be allowed write access on the socket sock_file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'tumblerd' --raw | audit2allow -M my-tumblerd # semodule -X 300 -i my-tumblerd.pp Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context system_u:object_r:syslogd_var_run_t:s0 Target Objects socket [ sock_file ] Source tumblerd Source Path tumblerd Port <Nieznane> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.14.2-42.fc29.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 4.19.5-300.fc29.x86_64 #1 SMP Tue Nov 27 19:29:23 UTC 2018 x86_64 x86_64 Alert Count 1 First Seen 2018-12-02 19:27:15 CET Last Seen 2018-12-02 19:27:15 CET Local ID 80e51da8-068a-4831-82e3-ce4994502ae4 Raw Audit Messages type=AVC msg=audit(1543775235.641:536): avc: denied { write } for pid=6130 comm="tumblerd" name="socket" dev="tmpfs" ino=501 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=system_u:object_r:syslogd_var_run_t:s0 tclass=sock_file permissive=1 Hash: tumblerd,thumb_t,syslogd_var_run_t,sock_file,write This happen randomly when I was using Chromium browser. I'm using latest packages from Testing repos for Fedora 29 (except chromium some conflicts with chromium-libs-media-freeworld).
commit 7f67167a24e7d27ba81b6e8a019cddcf9ca19c9f (HEAD -> rawhide) Author: Lukas Vrabec <lvrabec> Date: Wed Dec 12 16:48:22 2018 +0100 Allow thumb_t domain send logging to syslog/journal BZ(1655323)
selinux-policy-3.14.2-46.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2019-6a20cfef61
selinux-policy-3.14.2-46.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-6a20cfef61
selinux-policy-3.14.2-46.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.