2041243 – SELinux is preventing tumblerd from write access on the sock_file bus.

Bug 2041243 - SELinux is preventing tumblerd from write access on the sock_file bus.

Summary: SELinux is preventing tumblerd from write access on the sock_file bus.

Keywords:
Status:	CLOSED DUPLICATE of bug 2042373
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	34
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Zdenek Pytela
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-01-16 18:16 UTC by harrywerner541
Modified:	2022-01-26 18:30 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2022-01-26 18:30:32 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description harrywerner541 2022-01-16 18:16:28 UTC

Source Context                unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023
Target Context                unconfined_u:object_r:session_dbusd_tmp_t:s0
Target Objects                bus [ sock_file ]
Source                        tumblerd
Source Path                   tumblerd
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           
Target RPM Packages           
SELinux Policy RPM            selinux-policy-targeted-34.23-1.fc34.noarch
Local Policy RPM              selinux-policy-targeted-34.23-1.fc34.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain
                              5.15.14-100.fc34.x86_64 #1 SMP Tue Jan 11 16:53:51
                              UTC 2022 x86_64 x86_64
Alert Count                   31
First Seen                    2022-01-16 11:32:03 EST
Last Seen                     2022-01-16 12:24:18 EST
Local ID                      92280915-cfb0-4ea1-a56c-528e33f164e3

Raw Audit Messages
type=AVC msg=audit(1642353858.921:470): avc:  denied  { write } for  pid=38295 comm="tumblerd" name="bus" dev="tmpfs" ino=38 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=sock_file permissive=0


Hash: tumblerd,thumb_t,session_dbusd_tmp_t,sock_file,write

Comment 1 oli 2022-01-26 16:33:39 UTC

same here but on fedora 35

[oli@DESKTOP-E83VF5L ~]$ rpm -qa | grep selinux
libselinux-3.3-1.fc35.x86_64
libselinux-utils-3.3-1.fc35.x86_64
python3-libselinux-3.3-1.fc35.x86_64
libselinux-devel-3.3-1.fc35.x86_64
smartmontools-selinux-7.2-11.fc35.noarch
libselinux-3.3-1.fc35.i686
snapd-selinux-2.54.1-1.fc35.noarch
rpm-plugin-selinux-4.17.0-3.fc35.x86_64
selinux-policy-35.11-1.fc35.noarch
selinux-policy-targeted-35.11-1.fc35.noarch
flatpak-selinux-1.12.3-1.fc35.noarch

Comment 2 oli 2022-01-26 16:35:31 UTC

Quellkontext                  unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023
Zielkontext                   unconfined_u:object_r:session_dbusd_tmp_t:s0
Zielobjekte                   bus [ sock_file ]
Quelle                        tumblerd
Quellpfad                     tumblerd
Port                          <Unbekannt>
Host                          DESKTOP-E83VF5L
RPM-Pakete der Quelle         
RPM-Pakete des Ziels          
SELinux Policy RPM            selinux-policy-targeted-35.11-1.fc35.noarch
Local Policy RPM              selinux-policy-targeted-35.11-1.fc35.noarch
SELinux aktiviert             True
Richtlinientyp                targeted
Enforcing-Modus               Enforcing
Rechnername                   DESKTOP-E83VF5L
Plattform                     Linux DESKTOP-E83VF5L 5.15.16-200.fc35.x86_64 #1
                              SMP Thu Jan 20 15:38:18 UTC 2022 x86_64 x86_64
Anzahl der Alarme             3
Zuerst gesehen                2022-01-26 17:29:39 CET
Zuletzt gesehen               2022-01-26 17:29:39 CET
Lokale ID                     8f9f89c4-3a23-47f4-8766-2750c2b7fc44

Raw-Audit-Meldungen
type=AVC msg=audit(1643214579.777:256): avc:  denied  { write } for  pid=3182 comm="tumblerd" name="bus" dev="tmpfs" ino=54 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=sock_file permissive=0


Hash: tumblerd,thumb_t,session_dbusd_tmp_t,sock_file,write

Comment 3 Zdenek Pytela 2022-01-26 18:30:32 UTC


*** This bug has been marked as a duplicate of bug 2042373 ***

Note You need to log in before you can comment on or make changes to this bug.