Description of problem:
randomly during work for a couple of times per month.

SELinux is preventing dotlockfile from using the 'signull' accesses on a process.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that dotlockfile should be allowed signull access on processes labeled unconfined_t by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'dotlockfile' --raw | audit2allow -M my-dotlockfile
# semodule -X 300 -i my-dotlockfile.pp

Additional Information:
Source Context                system_u:system_r:system_mail_t:s0-s0:c0.c1023
Target Context                unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Target Objects                Unknown [ process ]
Source                        dotlockfile
Source Path                   dotlockfile
Port                          <Unknown>
Host                          (removed)
Source RPM Packages
Target RPM Packages
Policy RPM                    selinux-policy-3.14.3-43.fc30.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     (removed)
Platform                      Linux (removed) 5.2.9-200.fc30.x86_64 #1 SMP Fri Aug 16 21:37:45 UTC 2019 x86_64 x86_64
Alert Count                   64
First Seen                    2019-08-12 11:00:36 CEST
Last Seen                     2019-08-30 11:00:57 CEST
Local ID                      86a0bb0d-9537-45cb-a1c1-35d5e886ace3

Raw Audit Messages
type=AVC msg=audit(1567155657.85:537): avc: denied { signull } for pid=18178 comm="dotlockfile" scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process permissive=0

Hash: dotlockfile,system_mail_t,unconfined_t,process,signull

Version-Release number of selected component:
selinux-policy-3.14.3-43.fc30.noarch

Additional info:
component:      selinux-policy
reporter:       libreport-2.10.1
hashmarkername: setroubleshoot
kernel:         5.2.9-200.fc30.x86_64
type:           libreport
Hi Radomir,

Is it breaking some stuff on your system, or do you just see this SELinux denial? I would say this is a good candidate to not audit this denial.

Thanks,
Lukas.
I do not know, the system is working fine. I just see this message from time to time. I do not have any idea what this message is about.
commit c9f7f70f3d925dfc325db33cf91ddc7735752999 (HEAD -> rawhide)
Author: Lukas Vrabec <lvrabec>
Date:   Tue Sep 3 10:20:19 2019 +0200

    Dontaudit system_mail_t domains to check for existence other applications on system BZ(1747369)
FEDORA-2019-be14ea0375 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-be14ea0375
selinux-policy-3.14.3-45.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-be14ea0375
selinux-policy-3.14.3-45.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.