Description of problem: SELinux is preventing /usr/libexec/openssh/sshd-session from 'setattr' accesses on the file /(null). ***** Plugin restorecon (94.8 confidence) suggests ************************ If you want to fix the label. /(null) default label should be etc_runtime_t. Then you can run restorecon. The access attempt may have been stopped due to insufficient permissions to access a parent directory in which case try to change the following command accordingly. Do # /sbin/restorecon -v /(null) ***** Plugin catchall_labels (5.21 confidence) suggests ******************* If you want to allow sshd-session to have setattr access on the (null) file Then you need to change the label on /(null) Do # semanage fcontext -a -t FILE_TYPE '/(null)' where FILE_TYPE is one of the following: abrt_var_cache_t, auth_cache_t, auth_home_t, cgroup_memory_pressure_t, cgroup_t, faillog_t, gitosis_var_lib_t, gkeyringd_tmp_t, krb5_host_rcache_t, lastlog_t, mozilla_plugin_tmp_t, mozilla_plugin_tmpfs_t, openshift_tmp_t, pam_var_run_t, ssh_home_t, sshd_var_run_t, systemd_passwd_var_run_t, user_tmp_t, var_auth_t. Then execute: restorecon -v '/(null)' ***** Plugin catchall (1.44 confidence) suggests ************************** If you believe that sshd-session should be allowed setattr access on the (null) file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'sshd-session' --raw | audit2allow -M my-sshdsession # semodule -X 300 -i my-sshdsession.pp Additional Information: Source Context system_u:system_r:sshd_t:s0-s0:c0.c1023 Target Context system_u:object_r:var_lib_t:s0 Target Objects /(null) [ file ] Source sshd-session Source Path /usr/libexec/openssh/sshd-session Port <Unknown> Host (removed) Source RPM Packages openssh-server-10.0p1-4.fc43.x86_64 Target RPM Packages SELinux Policy RPM selinux-policy-targeted-42.1-1.fc43.noarch Local Policy RPM selinux-policy-targeted-42.1-1.fc43.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 6.16.0- 0.rc6.250715g155a3c003e55.53.fc43.x86_64+debug #1 SMP PREEMPT_DYNAMIC Wed Jul 16 10:58:51 UTC 2025 x86_64 Alert Count 3 First Seen 2025-07-18 03:59:13 +05 Last Seen 2025-07-20 12:40:37 +05 Local ID d2199e0c-e306-4b2b-9f24-ec108d0278c4 Raw Audit Messages type=AVC msg=audit(1752997237.565:929): avc: denied { setattr } for pid=201843 comm="sshd-session" name="lastlog2.db-journal" dev="nvme1n1p3" ino=160206350 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_lib_t:s0 tclass=file permissive=1 type=SYSCALL msg=audit(1752997237.565:929): arch=x86_64 syscall=fchown success=yes exit=0 a0=a a1=0 a2=0 a3=1a4 items=1 ppid=1814 pid=201843 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm=sshd-session exe=/usr/libexec/openssh/sshd-session subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null) type=CWD msg=audit(1752997237.565:929): cwd=/ type=PATH msg=audit(1752997237.565:929): item=0 name=(null) inode=160206350 dev=00:23 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:var_lib_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Hash: sshd-session,sshd_t,var_lib_t,file,setattr Version-Release number of selected component: selinux-policy-targeted-42.1-1.fc43.noarch Additional info: reporter: libreport-2.17.15 reason: SELinux is preventing /usr/libexec/openssh/sshd-session from 'setattr' accesses on the file /(null). package: selinux-policy-targeted-42.1-1.fc43.noarch component: selinux-policy hashmarkername: setroubleshoot type: libreport kernel: 6.16.0-0.rc6.250715g155a3c003e55.53.fc43.x86_64+debug component: selinux-policy
Created attachment 2097755 [details] File: description
Created attachment 2097756 [details] File: os_info
*** This bug has been marked as a duplicate of bug 2382799 ***