View Issue Details

IDProjectCategoryView StatusLast Update
0016047CentOS-7selinux-policypublic2019-04-30 15:56
Reportervicente 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0016047: SELinux is preventing /usr/bin/dbus-daemon from 'read' accesses on the carpeta labeled fusefs_t.
DescriptionDescription of problem:
SELinux is preventing /usr/bin/dbus-daemon from 'read' accesses on the carpeta labeled fusefs_t.

***** Plugin catchall (100. confidence) suggests **************************

Si cree que de manera predeterminada se debería permitir a dbus-daemon el acceso read sobre directory etiquetados como fusefs_t.
Then debería reportar esto como un error.
Puede generar un módulo de política local para permitir este acceso.
Do
permita el acceso temporalmente ejecutando:
# ausearch -c 'dbus-daemon' --raw | audit2allow -M mi-dbusdaemon
# semodule -i mi-dbusdaemon.pp

Additional Information:
Source Context system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
Target Context system_u:object_r:fusefs_t:s0
Target Objects Unknown [ dir ]
Source dbus-daemon
Source Path /usr/bin/dbus-daemon
Port <Unknown>
Host (removed)
Source RPM Packages dbus-1.10.24-13.el7_6.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.13.1-229.el7_6.12.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-957.12.1.el7.x86_64 #1 SMP
                              Mon Apr 29 14:59:59 UTC 2019 x86_64 x86_64
Alert Count 1
First Seen 2019-04-30 17:56:11 CEST
Last Seen 2019-04-30 17:56:11 CEST
Local ID 0f9f24f3-1943-4a56-ba48-c934e7e07a2a

Raw Audit Messages
type=AVC msg=audit(1556639771.918:221): avc: denied { read } for pid=4033 comm="dbus-daemon" path="/run/user/1000/gvfs/smb-share:server=192.168.1.170,share=copseg" dev="fuse" ino=2 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:fusefs_t:s0 tclass=dir permissive=0


type=SYSCALL msg=audit(1556639771.918:221): arch=x86_64 syscall=recvmsg success=yes exit=200 a0=50 a1=7ffe94f35cc0 a2=40000000 a3=ffffffff items=0 ppid=1 pid=4033 auid=4294967295 uid=81 gid=81 euid=81 suid=81 fsuid=81 egid=81 sgid=81 fsgid=81 tty=(none) ses=4294967295 comm=dbus-daemon exe=/usr/bin/dbus-daemon subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 key=(null)

Hash: dbus-daemon,system_dbusd_t,fusefs_t,dir,read

Version-Release number of selected component:
selinux-policy-3.13.1-229.el7_6.12.noarch
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.12.1.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hash583250c4fa1a658a081373de096d17daf27af748d639f0625f0bfa142ebd2fc6
URL

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-04-30 15:56 vicente New Issue