PDA

View Full Version : SELinux alert: ELinux is preventing systemd-gpt-aut from getattr access to /



binarydepth
1st November 2017, 03:58 PM
I have just installed Fedora 26 two days ago, and first while trying to use Netflix, SELinux denied access to a file in my home directory, That I wrote the exception for.

Now second alert, what should I do?

It says to report as a bug but I don't, in fact, know what's happening.


SELinux is preventing systemd-gpt-aut from getattr access on the directory /.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that systemd-gpt-aut should be allowed getattr access on the directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'systemd-gpt-aut' --raw | audit2allow -M my-systemdgptaut
# semodule -X 300 -i my-systemdgptaut.pp

Additional Information:
Source Context system_u:system_r:systemd_gpt_generator_t:s0
Target Context system_u:object_r:unlabeled_t:s0
Target Objects / [ dir ]
Source systemd-gpt-aut
Source Path systemd-gpt-aut
Port <Unknown>
Host localhost.localdomain
Source RPM Packages
Target RPM Packages filesystem-3.2-40.fc26.x86_64
Policy RPM selinux-policy-3.13.1-259.fc26.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Permissive
Host Name localhost.localdomain
Platform Linux localhost.localdomain 4.11.8-300.fc26.x86_64
#1 SMP Thu Jun 29 20:09:48 UTC 2017 x86_64 x86_64
Alert Count 3
First Seen 2017-10-31 10:59:24 AST
Last Seen 2017-10-31 11:44:59 AST
Local ID d861aa53-36be-4f3c-841e-a6d0ca80e0ed

Raw Audit Messages
type=AVC msg=audit(1509464699.210:256): avc: denied { getattr } for pid=3318 comm="systemd-gpt-aut" path="/" dev="sda2" ino=3 scontext=system_u:system_r:systemd_gpt_generator_t :s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=1


Hash: systemd-gpt-aut,systemd_gpt_generator_t,unlabeled_t,dir,getatt r