View Issue Details

IDProjectCategoryView StatusLast Update
0015973CentOS-7selinux-policypublic2019-04-02 00:07
Reporterannunah 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0015973: SELinux is preventing /usr/bin/ps from 'search' accesses on the каталог /var/log/gdm.
DescriptionDescription of problem:
SELinux is preventing /usr/bin/ps from 'search' accesses on the каталог /var/log/gdm.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that ps should be allowed search access on the gdm directory by default.
Then рекомендуется создать отчет об ошибке.
Чтобы разрешить доступ, можно создать локальный модуль политики.
Do
allow this access for now by executing:
# ausearch -c 'ps' --raw | audit2allow -M my-ps
# semodule -i my-ps.pp

Additional Information:
Source Context system_u:system_r:pcp_pmie_t:s0
Target Context system_u:object_r:xserver_log_t:s0
Target Objects /var/log/gdm [ dir ]
Source ps
Source Path /usr/bin/ps
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages gdm-3.28.2-12.el7_6.x86_64
Policy RPM selinux-policy-3.13.1-229.el7_6.9.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-957.10.1.el7.x86_64 #1 SMP
                              Mon Mar 18 15:06:45 UTC 2019 x86_64 x86_64
Alert Count 2
First Seen 2019-04-02 03:00:19 EEST
Last Seen 2019-04-02 03:00:19 EEST
Local ID 93060593-a543-418f-841f-4f8b562a8bd8

Raw Audit Messages
type=AVC msg=audit(1554163219.466:2229): avc: denied { search } for pid=4849 comm="ps" name="gdm" dev="dm-0" ino=135260781 scontext=system_u:system_r:pcp_pmie_t:s0 tcontext=system_u:object_r:xserver_log_t:s0 tclass=dir permissive=0


Hash: ps,pcp_pmie_t,xserver_log_t,dir,search

Version-Release number of selected component:
selinux-policy-3.13.1-229.el7_6.9.noarch
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.10.1.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hashff9cdecb8c29e758293aa4d6c0b9a652d8c5b56d8973eefba65b7aea9abf1a7e
URL

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-04-02 00:07 annunah New Issue