snapd: dbus avc permissions denied
Bug #1915642 reported by
Harold Dost
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Snappy |
Fix Released
|
Undecided
|
Maciej Borzecki | ||
Bug Description
Since 2.46.1 there were new dbus service files added. Which has dbus-broker watch /var/lib/
but unfortunately there exists no selinux policy to compliment this which causes the following error:
```
Feb 13 19:41:45 dosttop.local audit[1375]: AVC avc: denied { watch } for pid=1375 comm="dbus-
```
This results in the system starting anything reliant on dbus failing.
I would write a patch, but I'm a novice when it comes to selinux and while i've fixed it locally I'm not sure, but I believe this would be added to https:/
| Changed in snappy: | |
| assignee: | nobody → Maciej Borzecki (maciek-borzecki) |
Revision history for this message
| Maciej Borzecki (maciek-borzecki) wrote | #1 |
| Changed in snappy: | |
| status: | New → Incomplete |
| status: | Incomplete → Confirmed |
Revision history for this message
| Maciej Borzecki (maciek-borzecki) wrote | #2 |
| Changed in snappy: | |
| status: | Confirmed → In Progress |
Revision history for this message
| Harold Dost (hdost3) wrote | #3 |
Revision history for this message
| Maciej Borzecki (maciek-borzecki) wrote | #4 |
| Changed in snappy: | |
| status: | In Progress → Fix Committed |
Revision history for this message
| Maciej Borzecki (maciek-borzecki) wrote | #5 |
| Changed in snappy: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
Is this on rawhide? I see that basic support for watch landed a week ago in the reference policy.