Description of problem: SELinux is preventing /usr/lib/systemd/systemd-logind from 'read' accesses on the file /usr/lib/systemd/sleep.conf. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that systemd-logind should be allowed read access on the sleep.conf file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'systemd-logind' --raw | audit2allow -M my-systemdlogind # semodule -X 300 -i my-systemdlogind.pp Additional Information: Source Context system_u:system_r:systemd_logind_t:s0 Target Context system_u:object_r:init_exec_t:s0 Target Objects /usr/lib/systemd/sleep.conf [ file ] Source systemd-logind Source Path /usr/lib/systemd/systemd-logind Port <Unknown> Host (removed) Source RPM Packages systemd-256~rc1^20240509git1781de1-2.fc41.x86_64 Target RPM Packages systemd- udev-256~rc1^20240509git1781de1-2.fc41.x86_64 SELinux Policy RPM selinux-policy-targeted-40.18-2.fc41.noarch Local Policy RPM selinux-policy-targeted-40.18-2.fc41.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 6.10.0- 0.rc0.20240514gita5131c3fdf26.2.fc41.x86_64+debug #1 SMP PREEMPT_DYNAMIC Tue May 14 12:01:34 UTC 2024 x86_64 Alert Count 7 First Seen 2024-05-15 00:34:17 +05 Last Seen 2024-05-15 01:34:59 +05 Local ID 026600d1-d5ec-4301-94a3-b6926f721315 Raw Audit Messages type=AVC msg=audit(1715718899.36:431): avc: denied { read } for pid=1406 comm="systemd-logind" name="sleep.conf" dev="nvme0n1p2" ino=449444 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:init_exec_t:s0 tclass=file permissive=1 type=AVC msg=audit(1715718899.36:431): avc: denied { open } for pid=1406 comm="systemd-logind" path="/usr/lib/systemd/sleep.conf" dev="nvme0n1p2" ino=449444 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:init_exec_t:s0 tclass=file permissive=1 type=SYSCALL msg=audit(1715718899.36:431): arch=x86_64 syscall=openat success=yes exit=ELNRNG a0=ffffff9c a1=557a7c654630 a2=80000 a3=0 items=1 ppid=1 pid=1406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=systemd-logind exe=/usr/lib/systemd/systemd-logind subj=system_u:system_r:systemd_logind_t:s0 key=(null) type=CWD msg=audit(1715718899.36:431): cwd=/ type=PATH msg=audit(1715718899.36:431): item=0 name=/usr/lib/systemd/sleep.conf inode=449444 dev=00:28 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_exec_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Hash: systemd-logind,systemd_logind_t,init_exec_t,file,read Version-Release number of selected component: selinux-policy-targeted-40.18-2.fc41.noarch Additional info: reporter: libreport-2.17.15 reason: SELinux is preventing /usr/lib/systemd/systemd-logind from 'read' accesses on the file /usr/lib/systemd/sleep.conf. package: selinux-policy-targeted-40.18-2.fc41.noarch component: selinux-policy hashmarkername: setroubleshoot type: libreport kernel: 6.10.0-0.rc0.20240514gita5131c3fdf26.2.fc41.x86_64+debug component: selinux-policy
Created attachment 2033241 [details] File: description
Created attachment 2033242 [details] File: os_info
*** This bug has been marked as a duplicate of bug 2279923 ***