View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0018542 | CentOS-8 | wpa_supplicant | public | 2022-11-22 06:54 | 2022-11-27 00:54 |
Reporter | Khairi | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | won't fix | ||
Platform | Centos stream 9 | ||||
Summary | 0018542: wpa supplicant | ||||
Description | SELinux is preventing /usr/sbin/wpa_supplicant from using the bpf capability. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that wpa_supplicant should have the bpf capability by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'wpa_supplicant' --raw | audit2allow -M my-wpasupplicant # semodule -X 300 -i my-wpasupplicant.pp Additional Information: Source Context system_u:system_r:NetworkManager_t:s0 Target Context system_u:system_r:NetworkManager_t:s0 Target Objects Unknown [ capability2 ] Source wpa_supplicant Source Path /usr/sbin/wpa_supplicant Port <Unknown> Host tbees.tn Source RPM Packages wpa_supplicant-2.10-4.el9.x86_64 Target RPM Packages SELinux Policy RPM selinux-policy-targeted-34.1.46-1.el9.noarch Local Policy RPM selinux-policy-targeted-34.1.46-1.el9.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name tbees.tn Platform Linux tbees.tn 5.14.0-197.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Nov 16 17:08:31 UTC 2022 x86_64 x86_64 Alert Count 6 First Seen 2022-11-21 15:01:14 CET Last Seen 2022-11-22 07:52:33 CET Local ID 4c5e5996-801c-438c-b95d-685305523b9e Raw Audit Messages type=AVC msg=audit(1669099953.794:205): avc: denied { bpf } for pid=1050 comm="wpa_supplicant" capability=39 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=capability2 permissive=0 type=SYSCALL msg=audit(1669099953.794:205): arch=x86_64 syscall=setsockopt success=yes exit=0 a0=c a1=1 a2=1a a3=55b2ffb093a0 items=0 ppid=1 pid=1050 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=wpa_supplicant exe=/usr/sbin/wpa_supplicant subj=system_u:system_r:NetworkManager_t:s0 key=(null) Hash: wpa_supplicant,NetworkManager_t,NetworkManager_t,capability2,bpf | ||||
Steps To Reproduce | wpa supplicant | ||||
Tags | No tags attached. | ||||
All CentOS Stream-related bugs must be reported at RHBZ. Details are in https://wiki.centos.org/ReportBugs . | |