snapd: dbus avc permissions denied
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Snappy |
Fix Released
|
Undecided
|
Maciej Borzecki |
Bug Description
Since 2.46.1 there were new dbus service files added. Which has dbus-broker watch /var/lib/
but unfortunately there exists no selinux policy to compliment this which causes the following error:
```
Feb 13 19:41:45 dosttop.local audit[1375]: AVC avc: denied { watch } for pid=1375 comm="dbus-
```
This results in the system starting anything reliant on dbus failing.
I would write a patch, but I'm a novice when it comes to selinux and while i've fixed it locally I'm not sure, but I believe this would be added to https:/
Changed in snappy: | |
assignee: | nobody → Maciej Borzecki (maciek-borzecki) |
Changed in snappy: | |
status: | New → Incomplete |
status: | Incomplete → Confirmed |
Changed in snappy: | |
status: | Confirmed → In Progress |
Is this on rawhide? I see that basic support for watch landed a week ago in the reference policy.