View Issue Details

IDProjectCategoryView StatusLast Update
0013486CentOS-7selinux-policypublic2020-04-06 21:50
Reportersylweksylwina Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
OS Version7 
Summary0013486: SELinux is preventing /usr/sbin/apcupsd from 'read' accesses on the file
DescriptionDescription of problem:
Problem with apcupsd (installed from epel repository) with selinux that is blocking writing log info to the defult /var/log/ file.
SELinux is preventing /usr/sbin/apcupsd from 'read' accesses on the file

***** Plugin catchall (100. confidence) suggests **************************

If aby apcupsd powinno mieć domyślnie read dostęp do file.
Then proszę to zgłosić jako błąd.
Można utworzyć lokalny moduł polityki, aby umożliwić ten dostęp.
allow this access for now by executing:
# ausearch -c 'apcupsd' --raw | audit2allow -M my-apcupsd
# semodule -i my-apcupsd.pp

Additional Information:
Source Context system_u:system_r:apcupsd_t:s0
Target Context unconfined_u:object_r:var_log_t:s0
Target Objects [ file ]
Source apcupsd
Source Path /usr/sbin/apcupsd
Port <Unknown>
Host (removed)
Source RPM Packages apcupsd-3.14.14-5.el7.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.13.1-102.el7_3.16.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-514.21.2.el7.x86_64 #1 SMP
                              Tue Jun 20 12:24:47 UTC 2017 x86_64 x86_64
Alert Count 71
First Seen 2017-06-30 17:02:32 CEST
Last Seen 2017-06-30 17:12:48 CEST
Local ID 9d0af789-6eb8-4e28-b85a-8b4066e49a32

Raw Audit Messages
type=AVC msg=audit(1498835568.498:247): avc: denied { read } for pid=4398 comm="apcupsd" name="" dev="dm-3" ino=522683 scontext=system_u:system_r:apcupsd_t:s0 tcontext=unconfined_u:object_r:var_log_t:s0 tclass=file

type=SYSCALL msg=audit(1498835568.498:247): arch=x86_64 syscall=open success=no exit=EACCES a0=7fb6443182c0 a1=80000 a2=ffffffea a3=0 items=0 ppid=1 pid=4398 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=apcupsd exe=/usr/sbin/apcupsd subj=system_u:system_r:apcupsd_t:s0 key=(null)

Hash: apcupsd,apcupsd_t,var_log_t,file,read

Version-Release number of selected component:
Additional Informationreporter: libreport-
hashmarkername: setroubleshoot
kernel: 3.10.0-514.21.2.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.




2017-06-30 16:33

reporter   ~0029581

Just deleted /var/log/ and restarted apcupsd service and problem is gone.

Issue History

Date Modified Username Field Change
2017-06-30 15:17 sylweksylwina New Issue
2017-06-30 16:33 sylweksylwina Note Added: 0029581