Description of problem: SELinux is preventing dconf worker from 'write' accesses on the sock_file bus. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that dconf worker should be allowed write access on the bus sock_file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'dconf worker' --raw | audit2allow -M my-dconfworker # semodule -X 300 -i my-dconfworker.pp Additional Information: Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:session_dbusd_tmp_t:s0 Target Objects bus [ sock_file ] Source dconf worker Source Path dconf worker Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-35.9-1.fc35.noarch Local Policy RPM selinux-policy-targeted-35.9-1.fc35.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 5.15.14-200.fc35.x86_64 #1 SMP Tue Jan 11 16:49:27 UTC 2022 x86_64 x86_64 Alert Count 1 First Seen 2022-01-16 20:28:12 AEDT Last Seen 2022-01-16 20:28:12 AEDT Local ID ec9eafb5-6afe-4b89-9223-a4b9383b670e Raw Audit Messages type=AVC msg=audit(1642325292.735:327): avc: denied { write } for pid=4926 comm=64636F6E6620776F726B6572 name="bus" dev="tmpfs" ino=50 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=sock_file permissive=1 Hash: dconf worker,xdm_t,session_dbusd_tmp_t,sock_file,write Version-Release number of selected component: selinux-policy-targeted-35.9-1.fc35.noarch Additional info: component: selinux-policy reporter: libreport-2.15.2 hashmarkername: setroubleshoot kernel: 5.15.14-200.fc35.x86_64 type: libreport Potential duplicate: bug 2039654
*** This bug has been marked as a duplicate of bug 2039671 ***