Hide Forgot
Description of problem: SELinux is preventing 64636F6E6620776F726B6572 from 'connectto' accesses on the unix_stream_socket /run/dbus/system_bus_socket. ***** Plugin catchall (100. confidence) suggests ************************** Wenn Sie denken, dass es 64636F6E6620776F726B6572 standardmäßig erlaubt sein sollte, connectto Zugriff auf system_bus_socket unix_stream_socket zu erhalten. Then sie sollten dies als Fehler melden. Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen. Do zugriff jetzt erlauben, indem Sie die nachfolgenden Befehle ausführen: # ausearch -c '64636F6E6620776F726B6572' --raw | audit2allow -M my-64636F6E6620776F726B6572 # semodule -X 300 -i my-64636F6E6620776F726B6572.pp Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 Target Objects /run/dbus/system_bus_socket [ unix_stream_socket ] Source 64636F6E6620776F726B6572 Source Path 64636F6E6620776F726B6572 Port <Unbekannt> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.14.3-41.fc30.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 5.1.19-300.fc30.x86_64 #1 SMP Mon Jul 22 16:32:45 UTC 2019 x86_64 x86_64 Alert Count 2 First Seen 2019-07-25 10:19:16 CEST Last Seen 2019-07-25 10:20:55 CEST Local ID 4393adf3-a4ac-41ac-b30c-c6c2b401f1db Raw Audit Messages type=AVC msg=audit(1564042855.698:410): avc: denied { connectto } for pid=12500 comm=64636F6E6620776F726B6572 path="/run/dbus/system_bus_socket" scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tclass=unix_stream_socket permissive=0 Hash: 64636F6E6620776F726B6572,thumb_t,system_dbusd_t,unix_stream_socket,connectto Version-Release number of selected component: selinux-policy-3.14.3-41.fc30.noarch Additional info: component: selinux-policy reporter: libreport-2.10.1 hashmarkername: setroubleshoot kernel: 5.1.19-300.fc30.x86_64 type: libreport
Hi, Are you able to reproduce it? Could you attach also steps to reproduce it? Thanks, Lukas.
@Lukas, currently I cannot. I will however pay close attention for what I did once it arises again. Only yesterday I found myself somewhat spammed with that warning, so I went to reposting it.
Hi Andreas, Thanks for update. I close this bug becuase we don't have reproducer, if you catch it again, please re-open this ticket. Thanks, Lukas.