View Issue Details

IDProjectCategoryView StatusLast Update
0017776CentOS-8selinux-policypublic2020-10-03 15:02
ReporterKhairi 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
Platformcentos 8OScentosOS Version8
Product Version8.2.2004 
Target VersionFixed in Version 
Summary0017776: SELinux is preventing (fwupd) from setattr access on the directory fwupd.
DescriptionSELinux is preventing (fwupd) from setattr access on the directory
fwupd.

***** Plugin catchall (100. confidence)
suggests **************************

If you believe that (fwupd) should be allowed setattr access on the
fwupd directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c '(fwupd)' --raw | audit2allow -M my-fwupd
# semodule -X 300 -i my-fwupd.pp

Additional Information:
Source Context system_u:system_r:init_t:s0
Target Context system_u:object_r:fwupd_var_lib_t:s0
Target Objects fwupd [ dir ]
Source (fwupd)
Source Path (fwupd)
Port <Unknown>
Host geoph.inmt
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.14.3-41.el8.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name geoph.inmt
Platform Linux geoph.inmt 4.18.0-193.el8.x86_64 #1
SMP Fri
                              May 8 10:59:10 UTC 2020 x86_64 x86_64
Alert Count 1
First Seen 2020-10-03 15:51:56 CET
Last Seen 2020-10-03 15:51:56 CET
Local ID 26e27f59-78e3-47ab-8b27-e0ace71a5a7e

Raw Audit Messages
type=AVC msg=audit(1601736716.163:98): avc: denied { setattr }
for pid=2857 comm="(fwupd)" name="fwupd" dev="dm-0" ino=202553354
scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:fwupd_var_lib_t:s0 tclass=dir permissive=0


Hash: (fwupd),init_t,fwupd_var_lib_t,dir,setattr
TagsNo tags attached.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2020-10-03 15:02 Khairi New Issue