View Issue Details

IDProjectCategoryView StatusLast Update
0016395CentOS-7selinux-policypublic2019-09-11 12:02
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionwon't fix 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0016395: SELinux is preventing systemd-readahe from read, open access on the archivo /usr/NX/bin/nxserver.bin.
DescriptionDescription of problem:
Inicio despues de instalar el escritorio remoto nx.
SELinux is preventing systemd-readahe from read, open access on the archivo /usr/NX/bin/nxserver.bin.

***** Plugin catchall (100. confidence) suggests **************************

Si cree que de manera predeterminada se debería permitir a systemd-readahe el acceso read open sobre nxserver.bin file.
Then debería reportar esto como un error.
Puede generar un módulo de política local para permitir este acceso.
permita el acceso temporalmente ejecutando:
# ausearch -c 'systemd-readahe' --raw | audit2allow -M mi-systemdreadahe
# semodule -i mi-systemdreadahe.pp

Additional Information:
Source Context system_u:system_r:readahead_t:s0
Target Context unconfined_u:object_r:nx_exec_t:s0
Target Objects /usr/NX/bin/nxserver.bin [ file ]
Source systemd-readahe
Source Path systemd-readahe
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.13.1-229.el7_6.15.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-957.21.3.el7.x86_64 #1 SMP
                              Tue Jun 18 16:35:19 UTC 2019 x86_64 x86_64
Alert Count 48
First Seen 2019-09-11 08:57:35 -03
Last Seen 2019-09-11 08:57:59 -03
Local ID 525ebfae-4a7a-4125-a053-c198a9d37ece

Raw Audit Messages
type=AVC msg=audit(1568203079.460:239): avc: denied { read open } for pid=2032 comm="systemd-readahe" path="/usr/NX/bin/nxserver.bin" dev="dm-0" ino=2769883 scontext=system_u:system_r:readahead_t:s0 tcontext=unconfined_u:object_r:nx_exec_t:s0 tclass=file permissive=0

Hash: systemd-readahe,readahead_t,nx_exec_t,file,read,open

Version-Release number of selected component:
Additional Informationreporter: libreport-
hashmarkername: setroubleshoot
kernel: 3.10.0-957.21.3.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.




2019-09-11 12:02

manager   ~0035091

Your system has mislabeled files on it. We don't provide anything under /usr/NX so the problem you reported comes from a third party and you need to fix it. It's not a bug.

Issue History

Date Modified Username Field Change
2019-09-11 12:00 gudisa New Issue
2019-09-11 12:02 TrevorH Status new => closed
2019-09-11 12:02 TrevorH Resolution open => won't fix
2019-09-11 12:02 TrevorH Note Added: 0035091