Fixes several SELinux denials on Fedora 29 during startup.

How to install

sudo dnf upgrade --advisory=FEDORA-2018-506e97bb9b
This update has been submitted for testing by lvrabec. a year ago
User Icon alexpl commented & provided feedback a year ago
karma

Fixes the denials I was seeing.

BZ#1644313 SELinux is preventing systemd-user-ru from 'read' accesses on the directory dbus-1.
BZ#1645331 SELinux is preventing systemd-logind from 'read' accesses on the blk_file sda2.
User Icon alexpl commented & provided feedback a year ago
karma

Fixes the denials I was seeing.

BZ#1644313 SELinux is preventing systemd-user-ru from 'read' accesses on the directory dbus-1.
BZ#1645331 SELinux is preventing systemd-logind from 'read' accesses on the blk_file sda2.
User Icon mattia commented & provided feedback a year ago
karma

A lot better now.

BZ#1644313 SELinux is preventing systemd-user-ru from 'read' accesses on the directory dbus-1.
BZ#1645331 SELinux is preventing systemd-logind from 'read' accesses on the blk_file sda2.
User Icon mmarusak provided feedback a year ago
karma
BZ#1637358 SELinux is preventing gdm-wayland-session from starting
lvrabec edited this update. a year ago
User Icon jonatoni provided feedback a year ago
karma
BZ#1637358 SELinux is preventing gdm-wayland-session from starting
User Icon mattf commented & provided feedback a year ago
karma

I haven't seen the denial of systemd-user-ru from reading dbus-1 I reported in #1644313 or any others since upgrading to 3.14.2-41. Thanks.

BZ#1644313 SELinux is preventing systemd-user-ru from 'read' accesses on the directory dbus-1.
This update has been pushed to testing. a year ago
This update has been submitted for batched by bodhi. a year ago
User Icon egreshko commented & provided feedback a year ago
karma

Fixes the AVC's I'd been seeing

BZ#1644313 SELinux is preventing systemd-user-ru from 'read' accesses on the directory dbus-1.
User Icon anonymous commented & provided feedback a year ago

Works fixing the AVC I was seeing...

BZ#1644313 SELinux is preventing systemd-user-ru from 'read' accesses on the directory dbus-1.
This update has been submitted for stable by bodhi. a year ago
User Icon giardia commented & provided feedback a year ago
karma

Thanks for the fix!

BZ#1644313 SELinux is preventing systemd-user-ru from 'read' accesses on the directory dbus-1.
This update has been pushed to stable. a year ago

Please login to add feedback.

Metadata
Type
bugfix
Severity
high
Karma
7
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-2
Stable by Karma
4
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
modified
a year ago
BZ#1637358 SELinux is preventing gdm-wayland-session from starting
0
2
BZ#1638948 SELinux is preventing sh from 'map' accesses on the file /etc/passwd.
0
0
BZ#1638949 SELinux is preventing strongswan from using the 'signal' accesses on a process.
0
0
BZ#1638981 SELinux is preventing systemd-rfkill from 'sendto' accesses on the unix_dgram_socket /run/systemd/journal/socket.
0
0
BZ#1639689 avc: denied { status } for auid=n/a uid=42 gid=42 cmdline="/usr/libexec/gdm-wayland-session gnome-session --autostart /usr/share/gdm/greeter/autostart"
0
0
BZ#1643063 SELinux is preventing (vnstatd) from using the 'nnp_transition' accesses on a process.
0
0
BZ#1644313 SELinux is preventing systemd-user-ru from 'read' accesses on the directory dbus-1.
0
6
BZ#1645278 SELinux is preventing systemd-logind from 'read' accesses on the blk_file nvme0n1p1.
0
0
BZ#1645331 SELinux is preventing systemd-logind from 'read' accesses on the blk_file sda2.
0
2
BZ#1645567 SELinux is preventing systemd-logind from 'ioctl' accesses on the blk_file /dev/nvme0n1.
0
0
BZ#1645631 SELinux is preventing systemd-logind from 'ioctl' accesses on the blk_file /dev/sda.
0
0

Automated Test Results