View Issue Details

IDProjectCategoryView StatusLast Update
0013486CentOS-7selinux-policypublic2020-04-06 21:50
Reportersylweksylwina 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0013486: SELinux is preventing /usr/sbin/apcupsd from 'read' accesses on the file apcupsd.events.
DescriptionDescription of problem:
Problem with apcupsd (installed from epel repository) with selinux that is blocking writing log info to the defult /var/log/apcupsd.events file.
SELinux is preventing /usr/sbin/apcupsd from 'read' accesses on the file apcupsd.events.

***** Plugin catchall (100. confidence) suggests **************************

If aby apcupsd powinno mieć domyślnie read dostęp do apcupsd.events file.
Then proszę to zgłosić jako błąd.
Można utworzyć lokalny moduł polityki, aby umożliwić ten dostęp.
Do
allow this access for now by executing:
# ausearch -c 'apcupsd' --raw | audit2allow -M my-apcupsd
# semodule -i my-apcupsd.pp

Additional Information:
Source Context system_u:system_r:apcupsd_t:s0
Target Context unconfined_u:object_r:var_log_t:s0
Target Objects apcupsd.events [ file ]
Source apcupsd
Source Path /usr/sbin/apcupsd
Port <Unknown>
Host (removed)
Source RPM Packages apcupsd-3.14.14-5.el7.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.13.1-102.el7_3.16.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-514.21.2.el7.x86_64 #1 SMP
                              Tue Jun 20 12:24:47 UTC 2017 x86_64 x86_64
Alert Count 71
First Seen 2017-06-30 17:02:32 CEST
Last Seen 2017-06-30 17:12:48 CEST
Local ID 9d0af789-6eb8-4e28-b85a-8b4066e49a32

Raw Audit Messages
type=AVC msg=audit(1498835568.498:247): avc: denied { read } for pid=4398 comm="apcupsd" name="apcupsd.events" dev="dm-3" ino=522683 scontext=system_u:system_r:apcupsd_t:s0 tcontext=unconfined_u:object_r:var_log_t:s0 tclass=file


type=SYSCALL msg=audit(1498835568.498:247): arch=x86_64 syscall=open success=no exit=EACCES a0=7fb6443182c0 a1=80000 a2=ffffffea a3=0 items=0 ppid=1 pid=4398 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=apcupsd exe=/usr/sbin/apcupsd subj=system_u:system_r:apcupsd_t:s0 key=(null)

Hash: apcupsd,apcupsd_t,var_log_t,file,read

Version-Release number of selected component:
selinux-policy-3.13.1-102.el7_3.16.noarch
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-514.21.2.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hash7695d7332d54bd6d4699b3dedc812e681fe0c0cb338dfec94557c5f41fcbdd72
URL

Activities

sylweksylwina

sylweksylwina

2017-06-30 16:33

reporter   ~0029581

Just deleted /var/log/apcupsd.events and restarted apcupsd service and problem is gone.

Issue History

Date Modified Username Field Change
2017-06-30 15:17 sylweksylwina New Issue
2017-06-30 16:33 sylweksylwina Note Added: 0029581