1661719 – SELinux is preventing abrtd from 'read' accesses on the directory oops-2018-12-20-21:31:39-1093-0.

Bug 1661719 - SELinux is preventing abrtd from 'read' accesses on the directory oops-2018-12-20-21:31:39-1093-0.

Summary: SELinux is preventing abrtd from 'read' accesses on the directory oops-2018-1...

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	rawhide
Hardware:	x86_64
OS:	Unspecified
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Zdenek Pytela
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:	abrt_hash:3ffb8cd2ce907c88f36af3181a3...
Duplicates (11):	1661708 1661720 1661721 1661722 1661723 1661724 1661727 1661729 1661730 1661731 1661732 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-12-22 17:41 UTC by Mikhail
Modified:	2019-03-29 09:42 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-03-29 09:42:03 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Mikhail 2018-12-22 17:41:24 UTC

Description of problem:
SELinux is preventing abrtd from 'read' accesses on the directory oops-2018-12-20-21:31:39-1093-0.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that abrtd should be allowed read access on the oops-2018-12-20-21:31:39-1093-0 directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'abrtd' --raw | audit2allow -M my-abrtd
# semodule -X 300 -i my-abrtd.pp

Additional Information:
Source Context                system_u:system_r:abrt_t:s0-s0:c0.c1023
Target Context                system_u:object_r:unlabeled_t:s0
Target Objects                oops-2018-12-20-21:31:39-1093-0 [ dir ]
Source                        abrtd
Source Path                   abrtd
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           
Target RPM Packages           
Policy RPM                    selinux-policy-3.14.3-15.fc30.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     (removed)
Platform                      Linux (removed) 4.20.0-0.rc7.git1.1.fc30.x86_64 #1
                              SMP Tue Dec 18 22:52:01 UTC 2018 x86_64 x86_64
Alert Count                   3
First Seen                    2018-12-22 22:39:10 +05
Last Seen                     2018-12-22 22:39:28 +05
Local ID                      eabd3443-5305-41b8-ad38-8e229e4005d8

Raw Audit Messages
type=AVC msg=audit(1545500368.501:278): avc:  denied  { read } for  pid=2927 comm="abrt-dbus" name="oops-2018-12-20-21:31:39-1093-0" dev="nvme0n1p2" ino=3283306 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=0


Hash: abrtd,abrt_t,unlabeled_t,dir,read

Version-Release number of selected component:
selinux-policy-3.14.3-15.fc30.noarch

Additional info:
component:      selinux-policy
reporter:       libreport-2.9.7
hashmarkername: setroubleshoot
kernel:         4.20.0-0.rc7.git1.1.fc30.x86_64
type:           libreport

Potential duplicate: bug 1544077

Comment 1 Lukas Vrabec 2019-01-08 16:50:05 UTC

*** Bug 1661720 has been marked as a duplicate of this bug. ***

Comment 2 Lukas Vrabec 2019-01-08 16:50:06 UTC

*** Bug 1661721 has been marked as a duplicate of this bug. ***

Comment 3 Lukas Vrabec 2019-01-08 16:50:13 UTC

*** Bug 1661722 has been marked as a duplicate of this bug. ***

Comment 4 Lukas Vrabec 2019-01-08 16:50:19 UTC

*** Bug 1661723 has been marked as a duplicate of this bug. ***

Comment 5 Lukas Vrabec 2019-01-08 16:50:26 UTC

*** Bug 1661724 has been marked as a duplicate of this bug. ***

Comment 6 Lukas Vrabec 2019-01-08 16:50:31 UTC

*** Bug 1661727 has been marked as a duplicate of this bug. ***

Comment 7 Lukas Vrabec 2019-01-08 16:51:07 UTC

*** Bug 1661708 has been marked as a duplicate of this bug. ***

Comment 8 Lukas Vrabec 2019-01-08 16:51:21 UTC

*** Bug 1661729 has been marked as a duplicate of this bug. ***

Comment 9 Lukas Vrabec 2019-01-08 16:51:27 UTC

*** Bug 1661730 has been marked as a duplicate of this bug. ***

Comment 10 Lukas Vrabec 2019-01-08 16:51:32 UTC

*** Bug 1661731 has been marked as a duplicate of this bug. ***

Comment 11 Lukas Vrabec 2019-01-08 16:51:37 UTC

*** Bug 1661732 has been marked as a duplicate of this bug. ***

Comment 12 Zdenek Pytela 2019-03-29 09:42:03 UTC

Hi,

It looks like the file in the setroubleshoot report has invalid label. The unlabeled_t label is usually displayed when a file was created in SELinux disabled state or when its actual label does not currently exist. As the directory path has not been logged, you can try to locate the file and then fix its context with the following command:

  # /sbin/restorecon -Rv /path

which in this case likely is

  # /sbin/restorecon -Rv /var/spool/abrt

or setup the machine to relabel all filesystems on the next reboot:

  # fixfiles onboot

and reboot the system.

Closing as NOTABUG. Feel free to reopen the bugzilla if the issue persists.

Note You need to log in before you can comment on or make changes to this bug.