Description of problem: SELinux is preventing systemd from 'setopt' accesses on the unix_stream_socket labeled pulseaudio_t. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that systemd should be allowed setopt access on the Unknown unix_stream_socket by default. Then sie sollten dies als Fehler melden. Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen. Do allow this access for now by executing: # ausearch -c 'systemd' --raw | audit2allow -M my-systemd # semodule -X 300 -i my-systemd.pp Additional Information: Source Context staff_u:staff_r:staff_t:s0-s0:c0.c1023 Target Context staff_u:staff_r:pulseaudio_t:s0-s0:c0.c1023 Target Objects Unknown [ unix_stream_socket ] Source systemd Source Path systemd Port <Unbekannt> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.14.2-44.fc29.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.19.7-300.fc29.x86_64 #1 SMP Wed Dec 5 22:21:07 UTC 2018 x86_64 x86_64 Alert Count 2 First Seen 2018-12-12 09:43:43 CET Last Seen 2018-12-12 17:43:01 CET Local ID eef5d01e-d4ce-4b8a-90ce-3d7880583663 Raw Audit Messages type=AVC msg=audit(1544632981.243:250): avc: denied { setopt } for pid=1670 comm="systemd" scontext=staff_u:staff_r:staff_t:s0-s0:c0.c1023 tcontext=staff_u:staff_r:pulseaudio_t:s0-s0:c0.c1023 tclass=unix_stream_socket permissive=0 Hash: systemd,staff_t,pulseaudio_t,unix_stream_socket,setopt Version-Release number of selected component: selinux-policy-3.14.2-44.fc29.noarch Additional info: component: selinux-policy reporter: libreport-2.9.7 hashmarkername: setroubleshoot kernel: 4.19.7-300.fc29.x86_64 type: libreport
Could you please update to the latest Fedora 30 selinux-policy package and try to reproduce it? It should be fixed. Thanks, Lukas.