View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0018204CentOS-7selinux-policypublic2021-05-23 14:122021-05-23 22:31
Reporterjaortega Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
OS Version7 
Summary0018204: SELinux is preventing /usr/bin/dbus-launch from 'read' accesses on the lnk_file /var/lib/dbus/machine-id.
DescriptionDescription of problem:
SELinux is preventing /usr/bin/dbus-launch from 'read' accesses on the lnk_file /var/lib/dbus/machine-id.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that dbus-launch should be allowed read access on the machine-id lnk_file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'dbus-launch' --raw | audit2allow -M my-dbuslaunch
# semodule -i my-dbuslaunch.pp

Additional Information:
Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Context system_u:object_r:system_dbusd_var_lib_t:s0
Target Objects /var/lib/dbus/machine-id [ lnk_file ]
Source dbus-launch
Source Path /usr/bin/dbus-launch
Port <Unknown>
Host (removed)
Source RPM Packages ibus-1.5.17-12.el7_9.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.13.1-268.el7_9.2.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-1160.25.1.el7.x86_64 #1 SMP
                              Wed Apr 28 21:49:45 UTC 2021 x86_64 x86_64
Alert Count 20
First Seen 2021-05-23 15:55:49 CEST
Last Seen 2021-05-23 15:58:25 CEST
Local ID 7141ca94-54c1-42e1-9224-02aa3ba4f949

Raw Audit Messages
type=AVC msg=audit(1621778305.209:169): avc: denied { read } for pid=2076 comm="ibus-x11" name="machine-id" dev="dm-0" ino=68864245 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:system_dbusd_var_lib_t:s0 tclass=lnk_file permissive=0


type=SYSCALL msg=audit(1621778305.209:169): arch=x86_64 syscall=open success=no exit=EACCES a0=7fb44c298361 a1=0 a2=0 a3=7ffe64aa54e0 items=0 ppid=1 pid=2076 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) ses=4294967295 comm=ibus-x11 exe=/usr/libexec/ibus-x11 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)

Hash: dbus-launch,xdm_t,system_dbusd_var_lib_t,lnk_file,read

Version-Release number of selected component:
selinux-policy-3.13.1-268.el7_9.2.noarch
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-1160.25.1.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hashfaa5dc76de8c4536a421ab4364d6fa4b6b00c5257d6322232a791855731b523a
URL

Activities

ManuelWolfshant

ManuelWolfshant

2021-05-23 22:31

manager   ~0038461

This looks like a mislabeled filesystem. Can you please touch /.autorelabel && reboot ?

Issue History

Date Modified Username Field Change
2021-05-23 14:12 jaortega New Issue
2021-05-23 22:31 ManuelWolfshant Note Added: 0038461