Description of problem: SELinux is preventing usbguard-daemon from 'write' accesses on the Verzeichnis /etc/usbguard. ***** Plugin catchall (100. confidence) suggests ************************** Wenn Sie denken, dass es usbguard-daemon standardmäßig erlaubt sein sollte, write Zugriff auf usbguard directory zu erhalten. Then sie sollten dies als Fehler melden. Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen. Do zugriff jetzt erlauben, indem Sie die nachfolgenden Befehle ausführen: # ausearch -c 'usbguard-daemon' --raw | audit2allow -M my-usbguarddaemon # semodule -X 300 -i my-usbguarddaemon.pp Additional Information: Source Context system_u:system_r:usbguard_t:s0 Target Context system_u:object_r:usbguard_conf_t:s0 Target Objects /etc/usbguard [ dir ] Source usbguard-daemon Source Path usbguard-daemon Port <Unbekannt> Host (removed) Source RPM Packages Target RPM Packages usbguard-1.1.2-1.fc38.x86_64 SELinux Policy RPM selinux-policy-targeted-38.24-1.fc38.noarch Local Policy RPM usbguard-selinux-1.1.2-1.fc38.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 6.4.6-200.fc38.x86_64 #1 SMP PREEMPT_DYNAMIC Mon Jul 24 20:51:12 UTC 2023 x86_64 Alert Count 4 First Seen 2023-03-29 23:14:22 CEST Last Seen 2023-08-18 15:59:45 CEST Local ID ab1e3907-fe24-4569-974b-dc0cd43ca63f Raw Audit Messages type=AVC msg=audit(1692367185.759:2164): avc: denied { write } for pid=1488 comm="usbguard-daemon" name="usbguard" dev="dm-0" ino=355284 scontext=system_u:system_r:usbguard_t:s0 tcontext=system_u:object_r:usbguard_conf_t:s0 tclass=dir permissive=0 Hash: usbguard-daemon,usbguard_t,usbguard_conf_t,dir,write Version-Release number of selected component: selinux-policy-targeted-38.24-1.fc38.noarch Additional info: reporter: libreport-2.17.11 reason: SELinux is preventing usbguard-daemon from 'write' accesses on the Verzeichnis /etc/usbguard. package: selinux-policy-targeted-38.24-1.fc38.noarch component: usbguard hashmarkername: setroubleshoot type: libreport kernel: 6.4.6-200.fc38.x86_64 component: usbguard Potential duplicate: bug 2183472
Created attachment 1983983 [details] File: description
Created attachment 1983984 [details] File: os_info
Fedora Linux 38 entered end-of-life (EOL) status on 2024-05-21. Fedora Linux 38 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora Linux please feel free to reopen this bug against that version. Note that the version field may be hidden. Click the "Show advanced fields" button if you do not see the version field. If you are unable to reopen this bug, please file a new report against an active release. Thank you for reporting this bug and we are sorry it could not be fixed.