View Issue Details

IDProjectCategoryView StatusLast Update
0018353CentOS-7selinux-policypublic2021-11-18 09:13
Reporterrk-centosbug Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
OS Version7 
Summary0018353: SELinux is preventing reporter-urepor from 'create' accesses on the directory dbTemp.oevrep.
DescriptionDescription of problem:
SELinux is preventing reporter-urepor from create access on the directory dbTemp.oevrep.
Please note:
As admin have executed
You should report this as a bug.
You can generate a local policy module to allow this access.
Allow this access for now by executing:
# ausearch -c 'reporter-urepor' --raw | audit2allow -M my-reporterurepor
# semodule -i my-reporterurepor.pp
But this SELinux report continues..
When reporting bug, it apparently has already been reported.

SELinux is preventing reporter-urepor from 'create' accesses on the directory dbTemp.oevrep.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that reporter-urepor should be allowed create access on the dbTemp.oevrep directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'reporter-urepor' --raw | audit2allow -M my-reporterurepor
# semodule -i my-reporterurepor.pp

Additional Information:
Source Context system_u:system_r:abrt_t:s0-s0:c0.c1023
Target Context system_u:object_r:cert_t:s0
Target Objects dbTemp.oevrep [ dir ]
Source reporter-urepor
Source Path reporter-urepor
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.13.1-268.el7_9.2.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-1160.45.1.el7.x86_64 #1 SMP
                              Wed Oct 13 17:20:51 UTC 2021 x86_64 x86_64
Alert Count 2
First Seen 2021-11-18 11:29:36 AEDT
Last Seen 2021-11-18 11:29:36 AEDT
Local ID d171f185-2825-4556-9e9f-ace2de02ee59

Raw Audit Messages
type=AVC msg=audit(1637195376.709:2456): avc: denied { create } for pid=74746 comm="reporter-urepor" name="dbTemp.oevrep" scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:cert_t:s0 tclass=dir permissive=0


Hash: reporter-urepor,abrt_t,cert_t,dir,create

Version-Release number of selected component:
selinux-policy-3.13.1-268.el7_9.2.noarch
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-1160.45.1.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hashdafb5fc3395970515659f8fba2cb3ec629821faed4569ab045026a04fa28e97f
URL

Activities

ManuelWolfshant

ManuelWolfshant

2021-11-18 09:13

manager   ~0038737

Can you please run restorecone -Rv / on your system and try to reproduce the error ? Your problem looks like a mislabeled folder to me.

Issue History

Date Modified Username Field Change
2021-11-18 00:34 rk-centosbug New Issue
2021-11-18 09:13 ManuelWolfshant Note Added: 0038737