Every time I copy and past a photo SELinux alert comes up saying that there is an issue with the source process "blocking-2". Attempted this access:connectto. io.systemd.Home. I can upload the screenshot. Everything works but these alerts keep coming up. This error also occurred the other day when I downloaded a PDF file. Reproducible: Always Steps to Reproduce: 1.Take a screenshot or copy and paste a photo. 2. 3. Actual Results: SELinux alert pops up. Should not be happening. Expected Results: There should be no SELinux alert popping up.
Created attachment 2114587 [details] screenshot of SELInux alert Screenshot of SELinux alert.
Created attachment 2114588 [details] Details of the SELinux alert
Interesting thing happened tonight. I just did the updates on my newer computer and now on that machine I am not seeing this happen anymore. What's strange is that I believe that I installed the exact same updates on both machines. I will report back tomorrow if it is still doing it on the older computer. I use one in the morning and the other one in the evening. Both are hooked up to the same monitor and keyboard with a KVM switch. Or it could be that there were more updates that I applied to this machine tonight. And one of those fixed the problem. But I will report back in the morning if things changed on that machine as well. Also I will see if there were in fact more updates that just had not yet been applied to the older computer. I did see a few X11 updates and I am not quite certain that they were applied earlier to the older machine.
Well, I believe that both computers are updated to the same point. I even did a refresh on the older computer last night just to make sure. This morning there are no updates available. However, the issue persists on the older computer. I am looking for any differences beyond the fact that one is running older hardware. Both are using the same graphics card, a GTX 1050 Ti. So it is still a bit of a mystery. I don't feel like this is too big of a deal at the moment because everything is working just fine. But would rather not see those alerts all the time.
Forgot to mention this is using the MATE Compiz spin. Yesterday I got an SELInux Alert on the newer computer when I was just downloading a PDF file. That one was related to bwrap.
OK. Right now my son and I fixed the AVC Denial popping up when taking a screenshot. I have two computers and it was only happening on the older computer. So we started comparing things and looked at the details of the SETroubleshoot. It was showing an issue with a service called systemd-homed. That service was disabled on the newer computer but running on the older computer. We disabled it on the older computer, rebooted and the issue went away. Now the only remaining issue is with the AVC Denial while downloading a PDF file. That is related to bwrap and thumb_t. Here is the info from the SETroubleshoot details for that one... type=AVC msg=audit(1763620764.976:413): avc: denied { sys_admin } for pid=62402 comm=“bwrap” capability=21 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tclass=cap_userns permissive=0 Hash: bwrap,thumb_t,thumb_t,cap_userns,sys_admin Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Objects Unknown [ cap_userns ]
Not sure what is going on but bwrap and SELinux are causing all kinds of problems in 43. I would hope that gets fixed at some point.