Hello,
Some new AVC reported on an osp15:
type=AVC msg=audit(1552550088.001:4259): avc: denied { read } for pid=85977 comm="systemd-user-ru" name="dbus-1" dev="tmpfs" ino=605557 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=dir permissive=0
Journalctl shows the following:
Mar 14 07:54:49 undercloud.localdomain setroubleshoot[85982]: SELinux is preventing /usr/lib/systemd/systemd-user-runtime-dir from read access on the directory dbus-1. For complete SELinux messages run: sealert -l d74972a4-9c79-48f7-83b3->
Mar 14 07:54:49 undercloud.localdomain platform-python[85982]: SELinux is preventing /usr/lib/systemd/systemd-user-runtime-dir from read access on the directory dbus-1.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that systemd-user-runtime-dir should be allowed read access on the dbus-1 directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'systemd-user-ru' --raw | audit2allow -M my-systemduserru
# semodule -X 300 -i my-systemduserru.pp
In this case, we might want to allow the access. @Juan, any thoughts?
Cheers,
C.
Small note: apparently the authorization looks like:
allow init_t session_dbusd_tmp_t:dir read;
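How the AVC record in this report maps to that type-enforcement rule, as an added example that is not part of the original report. It is a simplified version of the mapping audit2allow performs; the function names are hypothetical, and the record is copied from the report above.

```python
import re

# AVC record copied from the report above.
AVC = ('type=AVC msg=audit(1552550088.001:4259): avc: denied { read } for '
       'pid=85977 comm="systemd-user-ru" name="dbus-1" dev="tmpfs" ino=605557 '
       'scontext=system_u:system_r:init_t:s0 '
       'tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 '
       'tclass=dir permissive=0')

AVC_RE = re.compile(r'avc:\s+(denied|granted)\s+\{([^}]*)\}\s+for\s+(.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc(line):
    """Split an AVC audit record into its fields (hypothetical helper)."""
    m = AVC_RE.search(line)
    if not m:
        raise ValueError("not an AVC record")
    fields = {k: v.strip('"') for k, v in KV_RE.findall(m.group(3))}
    fields['result'] = m.group(1)
    fields['perms'] = m.group(2).split()
    # permissive=0 means the denial was enforced, not merely logged.
    fields['enforced'] = fields.get('permissive') == '0'
    return fields


def context_type(context):
    """Return the type from user:role:type:level (level may contain ':')."""
    parts = context.split(':')
    if len(parts) < 3:
        raise ValueError("malformed SELinux context: %r" % context)
    return parts[2]


def allow_rule(fields):
    """Build the allow rule that would permit the logged access."""
    perms = fields['perms']
    perm_str = perms[0] if len(perms) == 1 else '{ %s }' % ' '.join(perms)
    return 'allow %s %s:%s %s;' % (context_type(fields['scontext']),
                                   context_type(fields['tcontext']),
                                   fields['tclass'], perm_str)


if __name__ == '__main__':
    record = parse_avc(AVC)
    print(record['comm'], 'enforced' if record['enforced'] else 'permissive')
    print(allow_rule(record))
```

The rule names only the source and target types, so it grants read on every `session_dbusd_tmp_t` directory to every process running as `init_t`, not just to `systemd-user-runtime-dir`.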