Description of problem: SELinux is preventing systemd-user-ru from unlink access on the sock_file bus. Version-Release number of selected component (if applicable): systemd-248.9-1.fc34.x86_64 selinux-policy-34.23-1.fc34.noarch selinux-policy-targeted-34.23-1.fc34.noarch How reproducible: Don't know, occurred after boot. Steps to Reproduce: 1. This occurred when booting kernel 5.14.18 2. 3. Actual results: SElinux alert Expected results: No SElinux alert Additional info: SELinux is preventing systemd-user-ru from unlink access on the sock_file bus. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that systemd-user-ru should be allowed unlink access on the bus sock_file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'systemd-user-ru' --raw | audit2allow -M my-systemduserru # semodule -X 300 -i my-systemduserru.pp Additional Information: Source Context system_u:system_r:systemd_logind_t:s0 Target Context unconfined_u:object_r:session_dbusd_tmp_t:s0 Target Objects bus [ sock_file ] Source systemd-user-ru Source Path systemd-user-ru Port <Unknown> Host truckin.homenet192-10.com Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-34.23-1.fc34.noarch Local Policy RPM selinux-policy-targeted-34.23-1.fc34.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name truckin.homenet192-10.com Platform Linux truckin.homenet192-10.com 5.14.18-200.fc34.x86_64 #1 SMP Fri Nov 12 16:48:10 UTC 2021 x86_64 x86_64 Alert Count 1 First Seen 2022-01-11 08:10:17 PST Last Seen 2022-01-11 08:10:17 PST Local ID 39f909d3-6dad-4ea8-99c6-146f4ff11c25 Raw Audit Messages type=AVC msg=audit(1641917417.163:388): avc: denied { unlink } for pid=2477 comm="systemd-user-ru" name="bus" dev="tmpfs" ino=57 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=sock_file permissive=0 Hash: systemd-user-ru,systemd_logind_t,session_dbusd_tmp_t,sock_file,unlink
It occurs after boot on 2 different systems running F34.
I'm also seeing this in rawhide, fully updated to latest packages. SELinux is preventing systemd-user-ru from unlink access on the sock_file bus. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that systemd-user-ru should be allowed unlink access on the bus sock_file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'systemd-user-ru' --raw | audit2allow -M my-systemduserru # semodule -X 300 -i my-systemduserru.pp Additional Information: Source Context system_u:system_r:systemd_logind_t:s0 Target Context unconfined_u:object_r:session_dbusd_tmp_t:s0 Target Objects bus [ sock_file ] Source systemd-user-ru Source Path systemd-user-ru Port <Unknown> Host fedora Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-35.9-1.fc36.noarch Local Policy RPM selinux-policy-targeted-35.9-1.fc36.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name fedora Platform Linux fedora 5.16.0- 0.rc7.20211231git4f3d93c6eaff.52.20220102.fc36.x86 _64 #1 SMP PREEMPT Sun Jan 2 13:23:02 MST 2022 x86_64 x86_64 Alert Count 37 First Seen 2022-01-14 11:12:12 MST Last Seen 2022-01-14 11:48:12 MST Local ID 6c743ce6-802a-47f3-b2ae-5f53b377e979 Raw Audit Messages type=AVC msg=audit(1642186092.621:1348): avc: denied { unlink } for pid=385989 comm="systemd-user-ru" name="bus" dev="tmpfs" ino=124 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=sock_file permissive=0 Hash: systemd-user-ru,systemd_logind_t,session_dbusd_tmp_t,sock_file,unlink
I think this might be an selinux error, since it didn't start happening until after today's selinux update. $ rpm -qi selinux-policy-targeted Name : selinux-policy-targeted Version : 35.9 Release : 1.fc36 Architecture: noarch Install Date: Fri 14 Jan 2022 11:11:27 AM MST Group : Unspecified Size : 18481787 License : GPLv2+ Signature : RSA/SHA256, Thu 13 Jan 2022 02:38:50 AM MST, Key ID 999f7cbf38ab71f4 Source RPM : selinux-policy-35.9-1.fc36.src.rpm Build Date : Thu 13 Jan 2022 02:30:42 AM MST Build Host : buildvm-ppc64le-33.iad2.fedoraproject.org Packager : Fedora Project Vendor : Fedora Project URL : https://github.com/fedora-selinux/selinux-policy Bug URL : https://bugz.fedoraproject.org/selinux-policy Summary : SELinux targeted policy Description : SELinux targeted policy package.
I have a desk (some tweak) and a lap (default used just for browsing) Both happens too (without host field) after update from f34 to f35. Many Thanks!
This happens to me too, I am still in Fedora 34 but this started happening after some packages' upgrade, I cannot remember which packages where updated at that time. I have seen something similar in bug 2020977 (duplicate??).
Fixed for me after 2 updates. Many Thanks!
*** This bug has been marked as a duplicate of bug 2020977 ***