FEDORA-2019-38a1de7619 created by lvrabec 7 months ago for Fedora 29
stable

How to install

sudo dnf upgrade --advisory=FEDORA-2019-38a1de7619

This update has been submitted for testing by lvrabec.

7 months ago

This update has been pushed to testing.

7 months ago
User Icon danfruehauf commented & provided feedback 7 months ago
karma

Still doesn't work with NetworkManager-ssh:

May 20 11:11:00 localhost NetworkManager[1107]: <info> [1558314660.5685] audit: op="connection-activate" uuid="d0a1a843-98ad-41dc-831b-7a8139771a8e" name="tfx-jump ssh" pid=2351 uid=1000 result="success" May 20 11:11:00 localhost NetworkManager[1107]: <info> [1558314660.5718] vpn-connection[0x563d7e8f8350,d0a1a843-98ad-41dc-831b-7a8139771a8e,"tfx-jump ssh",0]: Started the VPN service, PID 2876 May 20 11:11:00 localhost NetworkManager[1107]: <info> [1558314660.5833] vpn-connection[0x563d7e8f8350,d0a1a843-98ad-41dc-831b-7a8139771a8e,"tfx-jump ssh",0]: Saw the service appear; activating connection May 20 11:11:00 localhost audit[960]: USER_AVC pid=960 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.NetworkManager.VPN.Plugin member=NeedSecrets dest=:1.392 spid=1107 tpid=2876 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:system_r:NetworkManager_ssh_t:s0 tclass=dbus permissive=0#012 exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?' May 20 11:11:00 localhost NetworkManager[1107]: <error> [1558314660.5859] vpn-connection[0x563d7e8f8350,d0a1a843-98ad-41dc-831b-7a8139771a8e,"tfx-jump ssh",0]: plugin NeedSecrets request #1 failed: An SELinux policy prevents this sender from sending this message to this recipient, 0 matched rules; type="method_call", sender=":1.16" (uid=0 pid=1107 comm="/usr/sbin/NetworkManager --no-daemon " label="system_u:system_r:NetworkManager_t:s0") interface="org.freedesktop.NetworkManager.VPN.Plugin" member="NeedSecrets" error name="(unset)" requested_reply="0" destination=":1.392" (uid=0 pid=2876 comm="/usr/libexec/nm-ssh-service --bus-name org.freedes" label="system_u:system_r:NetworkManager_ssh_t:s0") May 20 11:11:00 localhost audit[960]: USER_AVC pid=960 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.NetworkManager.VPN.Plugin member=Disconnect dest=:1.392 spid=1107 tpid=2876 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:system_r:NetworkManager_ssh_t:s0 tclass=dbus permissive=0#012 exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'


BZ#1677484 NetworkManager-ssh VPN connections timeout due to selinux policy
User Icon besser82 commented & provided feedback 7 months ago
karma

Works great! LGTM! =)

User Icon pwalter commented & provided feedback 7 months ago
karma

Works

This update has been submitted for batched by bodhi.

7 months ago

This update has been submitted for stable by bodhi.

7 months ago

This update has been pushed to stable.

7 months ago

Please login to add feedback.

Metadata
Type
bugfix
Severity
medium
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-2
Stable by Karma
3
Dates
submitted
7 months ago
in testing
7 months ago
in stable
7 months ago
BZ#1594598 SELinux is preventing qemu-system-aar from 'search' accesses on the directory 1178.
0
0
BZ#1648512 selinux-policy-targeted systemd init_t transition to aide_t
0
0
BZ#1669839 SELinux denials for chrony during FreeIPA server upgrade
0
0
BZ#1677484 NetworkManager-ssh VPN connections timeout due to selinux policy
-1
0

Automated Test Results