Description of problem: This command triggered the error: # localectl set-x11-keymap es SELinux is preventing /usr/lib/systemd/systemd-localed from 'rename' accesses on the file .00-keyboard.conf9JSzMN. ***** Plugin catchall_labels (83.8 confidence) suggests ******************** If you want to allow systemd-localed to have rename access on the .00-keyboard.conf9JSzMN file Then necesita modificar la etiqueta en .00-keyboard.conf9JSzMN Do # semanage fcontext -a -t FILE_TYPE '.00-keyboard.conf9JSzMN' donde FILE_TYPE es uno de los siguientes: locale_t. Luego ejecute: restorecon -v '.00-keyboard.conf9JSzMN' ***** Plugin catchall (17.1 confidence) suggests *************************** If cree que de manera predeterminada, systemd-localed debería permitir acceso rename sobre .00-keyboard.conf9JSzMN file. Then debería reportar esto como un error. Puede generar un módulo de política local para permitir este acceso. Do permita el acceso momentáneamente executando: # grep systemd-localed /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:systemd_localed_t:s0 Target Context system_u:object_r:etc_t:s0 Target Objects .00-keyboard.conf9JSzMN [ file ] Source systemd-localed Source Path /usr/lib/systemd/systemd-localed Port <Unknown> Host (removed) Source RPM Packages systemd-197-1.fc18.2.x86_64 Target RPM Packages Policy RPM selinux-policy-3.11.1-82.fc18.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.8.1-201.fc18.x86_64 #1 SMP Thu Feb 28 19:23:08 UTC 2013 x86_64 x86_64 Alert Count 1 First Seen 2013-03-03 16:47:20 CET Last Seen 2013-03-03 16:47:20 CET Local ID 6d5bd96f-eee9-4d8a-8545-b684142efa5f Raw Audit Messages type=AVC msg=audit(1362325640.790:1508): avc: denied { rename } for pid=21807 comm="systemd-localed" name=".00-keyboard.conf9JSzMN" dev="dm-1" ino=267998 scontext=system_u:system_r:systemd_localed_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file type=SYSCALL msg=audit(1362325640.790:1508): arch=x86_64 syscall=rename success=yes exit=0 a0=7fc562649660 a1=7fc560982220 a2=7fc56264a630 a3=2 items=0 ppid=1 pid=21807 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=systemd-localed exe=/usr/lib/systemd/systemd-localed subj=system_u:system_r:systemd_localed_t:s0 key=(null) Hash: systemd-localed,systemd_localed_t,etc_t,file,rename audit2allow #============= systemd_localed_t ============== allow systemd_localed_t etc_t:file rename; audit2allow -R #============= systemd_localed_t ============== allow systemd_localed_t etc_t:file rename; Additional info: hashmarkername: setroubleshoot kernel: 3.8.1-201.fc18.x86_64 type: libreport
When setting locale and language system-wide. Package: (null) OS Release: Fedora release 18 (Spherical Cow)
#============= systemd_localed_t ============== #!!!! This avc is allowed in the current policy allow systemd_localed_t etc_t:file rename;