Description of problem: SELinux is preventing gdm-x-session from 'write' accesses on the sock_file bus. ***** Plugin catchall (100. confidence) suggests ************************** Wenn Sie denken, dass es gdm-x-session standardmäßig erlaubt sein sollte, write Zugriff auf bus sock_file zu erhalten. Then sie sollten dies als Fehler melden. Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen. Do zugriff jetzt erlauben, indem Sie die nachfolgenden Befehle ausführen: # ausearch -c 'gdm-x-session' --raw | audit2allow -M my-gdmxsession # semodule -X 300 -i my-gdmxsession.pp Additional Information: Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:session_dbusd_tmp_t:s0 Target Objects bus [ sock_file ] Source gdm-x-session Source Path gdm-x-session Port <Unbekannt> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-34.23-1.fc34.noarch Local Policy RPM selinux-policy-targeted-34.23-1.fc34.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 5.15.13-100.fc34.x86_64 #1 SMP Wed Jan 5 17:06:02 UTC 2022 x86_64 x86_64 Alert Count 5 First Seen 2022-01-13 20:02:44 CET Last Seen 2022-01-15 17:55:32 CET Local ID 31f2bfe6-d6f6-419d-a8ec-05e368ef2a5c Raw Audit Messages type=AVC msg=audit(1642265732.610:282): avc: denied { write } for pid=1436 comm="gdm-x-session" name="bus" dev="tmpfs" ino=44 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=sock_file permissive=0 Hash: gdm-x-session,xdm_t,session_dbusd_tmp_t,sock_file,write Version-Release number of selected component: selinux-policy-targeted-34.23-1.fc34.noarch Additional info: component: selinux-policy reporter: libreport-2.15.2 hashmarkername: setroubleshoot kernel: 5.15.13-100.fc34.x86_64 type: libreport
Similar problem has been detected: Occurred on login. hashmarkername: setroubleshoot kernel: 5.15.13-100.fc34.x86_64 package: selinux-policy-targeted-34.23-1.fc34.noarch reason: SELinux is preventing gdm-x-session from 'write' accesses on the sock_file bus. type: libreport
*** This bug has been marked as a duplicate of bug 2039671 ***