View Issue Details

IDProjectCategoryView StatusLast Update
0015335CentOS-7selinux-policypublic2019-10-11 02:25
Reporterxpandaren 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0015335: SELinux is preventing /opt/teamviewer/tv_bin/teamviewerd from 'sys_ptrace' accesses on the cap_userns Unknown.
DescriptionDescription of problem:
SELinux is preventing /opt/teamviewer/tv_bin/teamviewerd from 'sys_ptrace' accesses on the cap_userns Unknown.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that teamviewerd should be allowed sys_ptrace access on the Unknown cap_userns by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'teamviewerd' --raw | audit2allow -M my-teamviewerd
# semodule -i my-teamviewerd.pp

Additional Information:
Source Context system_u:system_r:unconfined_service_t:s0
Target Context system_u:system_r:unconfined_service_t:s0
Target Objects Unknown [ cap_userns ]
Source teamviewerd
Source Path /opt/teamviewer/tv_bin/teamviewerd
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.13.1-192.el7_5.6.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 4.18.11-1.el7.elrepo.x86_64 #1 SMP
                              Sat Sep 29 09:42:38 EDT 2018 x86_64 x86_64
Alert Count 2
First Seen 2018-09-30 09:57:25 -03
Last Seen 2018-09-30 09:57:40 -03
Local ID 7fe00267-b085-472e-8d9d-a7b2942a57d2

Raw Audit Messages
type=AVC msg=audit(1538312260.451:191): avc: denied { sys_ptrace } for pid=1507 comm="teamviewerd" capability=19 scontext=system_u:system_r:unconfined_service_t:s0 tcontext=system_u:system_r:unconfined_service_t:s0 tclass=cap_userns permissive=0


Hash: teamviewerd,unconfined_service_t,unconfined_service_t,cap_userns,sys_ptrace

Version-Release number of selected component:
selinux-policy-3.13.1-192.el7_5.6.noarch
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 4.18.11-1.el7.elrepo.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hashc3bc7afea226623729f8a7081559bcec614f9d4abb97ed6eab6e359d1194f16f
URL

Activities

ryolivac

ryolivac

2019-10-11 02:25

reporter   ~0035436

Another user experienced a similar problem:

La notificacion aparece despues de actualizaciones automáticas del sistema operativo. Tambien apareció despues de que ingresé con una opcion diferente de kernel en el grub

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 5.1.6-1.el7.elrepo.x86_64
package: selinux-policy-3.13.1-252.el7.1.noarch
reason: SELinux is preventing teamviewerd from 'sys_ptrace' accesses on the cap_userns labeled unconfined_service_t.
reproducible: Not sure how to reproduce the problem
type: libreport

Issue History

Date Modified Username Field Change
2018-09-30 13:37 xpandaren New Issue
2019-10-11 02:25 ryolivac Note Added: 0035436