Description of problem: SELinux is preventing gconftool-2 from 'write' accesses on the sock_file /var/lib/snapd/snap/core20/1242/etc/apparmor.d/abstractions/dbus-session. ***** Plugin catchall (100. confidence) suggests ************************** Se ci credi gconftool-2 dovrebbe essere consentito write accesso al dbus-session sock_file per impostazione predefinita. Then si dovrebbe riportare il problema come bug. E' possibile generare un modulo di politica locale per consentire questo accesso. Do consentire questo accesso per ora eseguendo: # ausearch -c 'gconftool-2' --raw | audit2allow -M my-$MODULE_NOME # semodule -X 300 -i miei-gconftool2.pp Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:session_dbusd_tmp_t:s0 Target Objects /var/lib/snapd/snap/core20/1242/etc/apparmor.d/abs tractions/dbus-session [ sock_file ] Source gconftool-2 Source Path gconftool-2 Port <Sconosciuto> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-35.11-1.fc35.noarch Local Policy RPM selinux-policy-targeted-35.11-1.fc35.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 5.15.15-200.fc35.x86_64 #1 SMP Sun Jan 16 17:37:06 UTC 2022 x86_64 x86_64 Alert Count 1 First Seen 2022-01-22 10:10:38 CET Last Seen 2022-01-22 10:10:38 CET Local ID 92933f24-31fd-4590-aec3-bd85ca29e94e Raw Audit Messages type=AVC msg=audit(1642842638.315:1090): avc: denied { write } for pid=153335 comm="gconftool-2" name="bus" dev="tmpfs" ino=46 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=sock_file permissive=1 Hash: gconftool-2,thumb_t,session_dbusd_tmp_t,sock_file,write Version-Release number of selected component: selinux-policy-targeted-35.11-1.fc35.noarch Additional info: component: selinux-policy reporter: libreport-2.15.2 hashmarkername: setroubleshoot kernel: 5.15.15-200.fc35.x86_64 type: libreport
*** This bug has been marked as a duplicate of bug 2042696 ***