I have a problem in F23 (that wasn't in F22), where getmail (or its feed into qmail) doesn't work in enforcing mode. I first tried using audit2allow to whitelist all of the avcs. That didn't work. Then I used semodule -DB in case there was a don't audit rule and then used audit2allow again to get the data for a local semodule and it still didn't work. I am seeing a user avc in the logs, that I suspect isn't getting handled by audit2allow, but I am not sure how to say it's OK or change things so I don't hit it:

type=USER_AVC msg=audit(1443471901.485:584): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'

I tried searching for some of the text, but I didn't find any relevant references.
On 09/28/2015 10:34 PM, Bruno Wolff III wrote:
> I have a problem in F23 (that wasn't in F22), where getmail (or its feed into qmail) doesn't work in enforcing mode. I first tried using audit2allow to whitelist all of the avcs.
Could you attach them?
There could be also a selinux_err message in audit.log.
> That didn't work. Then I used semodule -DB in case there was a don't audit rule and then used audit2allow again to get the data for a local semodule and it still didn't work. I am seeing a user avc in the logs, that I suspect isn't getting handled by audit2allow, but I am not sure how to say it's OK or change things so I don't hit it:
>
> type=USER_AVC msg=audit(1443471901.485:584): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
>
> I tried searching for some of the text, but I didn't find any relevant references.
On Tue, Sep 29, 2015 at 10:57:07 +0200, Miroslav Grepl <mgrepl@redhat.com> wrote:
> On 09/28/2015 10:34 PM, Bruno Wolff III wrote:
>> I have a problem in F23 (that wasn't in F22), where getmail (or its feed into qmail) doesn't work in enforcing mode. I first tried using audit2allow to whitelist all of the avcs.
> Could you attach them?
Are you looking for audit2allow output? The latest said that all of the AVCs are allowed in the current policy. The mystery AVC from audit.log was included in the original message.
type=USER_AVC msg=audit(1443471901.485:584): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
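
The USER_AVC record quoted in this thread carries a free-text message instead of the scontext/tcontext/tclass tuple of an ordinary denial. The following triage script is an added example, not part of the thread: it splits audit records into those two shapes so the "Unknown permission" ones can be reviewed separately. The first sample line is a constructed kernel AVC with hypothetical values; the second is the record from the thread.

```python
import re

# Constructed sample: line 1 is a made-up kernel AVC (hypothetical values),
# line 2 is the USER_AVC record quoted in the thread.
SAMPLE_LOG = """\
type=AVC msg=audit(1443471900.100:580): avc:  denied  { read } for  pid=1234 comm="example" name="example.conf" dev="dm-0" ino=42 scontext=system_u:system_r:example_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0
type=USER_AVC msg=audit(1443471901.485:584): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
"""

HEADER = re.compile(r"^type=(?P<type>\S+) msg=audit\((?P<ts>[\d.]+):(?P<serial>\d+)\): (?P<body>.*)$")
# Ordinary denial: permission set plus source/target context and class.
DENIAL = re.compile(r"avc:\s+denied\s+\{ (?P<perms>[^}]*)\}.*?"
                    r"scontext=(?P<scontext>\S+) tcontext=(?P<tcontext>\S+) tclass=(?P<tclass>\S+)")
# Free-text form seen in the thread: permission name not known for the class.
UNKNOWN = re.compile(r"Unknown permission (?P<perm>\S+) for class (?P<tclass>\S+)")
EXE = re.compile(r'exe="(?P<exe>[^"]+)"')


def triage(log_text):
    """Classify AVC/USER_AVC records as 'denial', 'unknown_permission' or 'other'."""
    results = []
    for line in log_text.splitlines():
        head = HEADER.match(line)
        if not head or head["type"] not in ("AVC", "USER_AVC"):
            continue
        body = head["body"]
        rec = {"type": head["type"], "serial": int(head["serial"])}
        denial, unknown = DENIAL.search(body), UNKNOWN.search(body)
        if denial:
            rec.update(kind="denial", perms=denial["perms"].split(),
                       scontext=denial["scontext"], tcontext=denial["tcontext"],
                       tclass=denial["tclass"])
        elif unknown:
            exe = EXE.search(body)
            rec.update(kind="unknown_permission", perm=unknown["perm"],
                       tclass=unknown["tclass"], exe=exe["exe"] if exe else None)
        else:
            rec.update(kind="other")
        results.append(rec)
    return results


if __name__ == "__main__":
    for rec in triage(SAMPLE_LOG):
        print(rec)
```
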