View Issue Details

IDProjectCategoryView StatusLast Update
0014932CentOS-7selinux-policypublic2018-12-06 04:45
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0014932: SELinux is preventing /usr/sbin/ModemManager from 'read' accesses on the file /etc/passwd.
DescriptionDescription of problem:
SELinux is preventing /usr/sbin/ModemManager from 'read' accesses on the file /etc/passwd.

***** Plugin catchall (100. confidence) suggests **************************

If vous pensez que ModemManager devrait être autorisé à accéder read sur passwd file par défaut.
Then vous devriez rapporter ceci en tant qu'anomalie.
Vous pouvez générer un module de stratégie local pour autoriser cet accès.
allow this access for now by executing:
# ausearch -c 'ModemManager' --raw | audit2allow -M my-ModemManager
# semodule -i my-ModemManager.pp

Additional Information:
Source Context system_u:system_r:modemmanager_t:s0
Target Context system_u:object_r:passwd_file_t:s0
Target Objects /etc/passwd [ file ]
Source ModemManager
Source Path /usr/sbin/ModemManager
Port <Unknown>
Host (removed)
Source RPM Packages libmbim-utils-1.14.0-2.el7.x86_64
Target RPM Packages setup-2.8.71-7.el7.noarch
Policy RPM selinux-policy-3.13.1-192.el7_5.3.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-693.11.1.el7.x86_64 #1 SMP
                              Mon Dec 4 23:52:40 UTC 2017 x86_64 x86_64
Alert Count 538
First Seen 2017-12-16 18:02:12 -03
Last Seen 2018-06-10 14:17:41 -03
Local ID 251e903b-cf34-4ebb-9784-009951b6164c

Raw Audit Messages
type=AVC msg=audit(1528651061.17:3407): avc: denied { read } for pid=23282 comm="mbim-proxy" name="passwd" dev="dm-0" ino=68958643 scontext=system_u:system_r:modemmanager_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file

type=SYSCALL msg=audit(1528651061.17:3407): arch=x86_64 syscall=open success=no exit=EACCES a0=7fcd54009432 a1=80000 a2=1b6 a3=24 items=0 ppid=1 pid=23282 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=mbim-proxy exe=/usr/libexec/mbim-proxy subj=system_u:system_r:modemmanager_t:s0 key=(null)

Hash: ModemManager,modemmanager_t,passwd_file_t,file,read

Version-Release number of selected component:
Additional Informationreporter: libreport-
hashmarkername: setroubleshoot
kernel: 3.10.0-693.11.1.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.


Mark Songhurst

Mark Songhurst

2018-12-06 04:45

reporter   ~0033237

Another user experienced a similar problem:

Fresh install of CentOS 7.16.1810
Behaviour of offending program does appear incorrect.

reporter: libreport-
hashmarkername: setroubleshoot
kernel: 3.10.0-957.1.3.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.6.noarch
reason: SELinux is preventing /usr/sbin/ModemManager from 'read' accesses on the file passwd.
reproducible: Not sure how to reproduce the problem
type: libreport

Issue History

Date Modified Username Field Change
2018-06-10 17:55 Franck New Issue
2018-12-06 04:45 Mark Songhurst Note Added: 0033237