Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix systemd-homed blobs directory permissions #2379

Merged
merged 1 commit into from
Oct 21, 2024

Conversation

richiedaze
Copy link
Contributor

Oct 08 18:42:47 fedora audit[911]: AVC avc: denied { write } for pid=911 comm="systemd-homed" name="home" dev="sda3" ino=196819 scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[911]: AVC avc: denied { add_name } for pid=911 comm="systemd-homed" name="rich" scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[911]: AVC avc: denied { create } for pid=911 comm="systemd-homed" name="rich" scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc: denied { write } for pid=3061 comm="systemd-homewor" name="home" dev="sda3" ino=196819 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc: denied { add_name } for pid=3061 comm="systemd-homewor" name=".#rich7c61b494c6f1bd9c" scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc: denied { create } for pid=3061 comm="systemd-homewor" name=".#rich7c61b494c6f1bd9c" scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc: denied { write } for pid=3061 comm="systemd-homewor" path=2F7661722F63616368652F73797374656D642F686F6D652F2E2372696368376336316234393463366631626439632F23343535323835202864656C6574656429 dev="sda3" ino=455285 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=file permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc: denied { setattr } for pid=3061 comm="systemd-homewor" name="#455285" dev="sda3" ino=455285 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=file permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc: denied { link } for pid=3061 comm="systemd-homewor" name="#455285" dev="sda3" ino=455285 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=file permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc: denied { remove_name } for pid=3061 comm="systemd-homewor" name=".#rich7c61b494c6f1bd9c" dev="sda3" ino=455284 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc: denied { rename } for pid=3061 comm="systemd-homewor" name=".#rich7c61b494c6f1bd9c" dev="sda3" ino=455284 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc: denied { rmdir } for pid=3061 comm="systemd-homewor" name="rich" dev="sda3" ino=455283 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:44:56 fedora audit[911]: AVC avc: denied { remove_name } for pid=911 comm="systemd-homed" name="avatar" dev="sda3" ino=455285 scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:44:56 fedora audit[911]: AVC avc: denied { unlink } for pid=911 comm="systemd-homed" name="avatar" dev="sda3" ino=455285 scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=file permissive=1
Oct 08 18:44:56 fedora audit[911]: AVC avc: denied { rmdir } for pid=911 comm="systemd-homed" name="rich" dev="sda3" ino=455284 scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1

Oct 08 18:42:47 fedora audit[911]: AVC avc:  denied  { write } for  pid=911 comm="systemd-homed" name="home" dev="sda3" ino=196819 scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[911]: AVC avc:  denied  { add_name } for  pid=911 comm="systemd-homed" name="rich" scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[911]: AVC avc:  denied  { create } for  pid=911 comm="systemd-homed" name="rich" scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc:  denied  { write } for  pid=3061 comm="systemd-homewor" name="home" dev="sda3" ino=196819 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc:  denied  { add_name } for  pid=3061 comm="systemd-homewor" name=".#rich7c61b494c6f1bd9c" scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc:  denied  { create } for  pid=3061 comm="systemd-homewor" name=".#rich7c61b494c6f1bd9c" scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc:  denied  { write } for  pid=3061 comm="systemd-homewor" path=2F7661722F63616368652F73797374656D642F686F6D652F2E2372696368376336316234393463366631626439632F23343535323835202864656C6574656429 dev="sda3" ino=455285 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=file permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc:  denied  { setattr } for  pid=3061 comm="systemd-homewor" name="#455285" dev="sda3" ino=455285 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=file permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc:  denied  { link } for  pid=3061 comm="systemd-homewor" name="#455285" dev="sda3" ino=455285 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=file permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc:  denied  { remove_name } for  pid=3061 comm="systemd-homewor" name=".#rich7c61b494c6f1bd9c" dev="sda3" ino=455284 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc:  denied  { rename } for  pid=3061 comm="systemd-homewor" name=".#rich7c61b494c6f1bd9c" dev="sda3" ino=455284 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:42:47 fedora audit[3061]: AVC avc:  denied  { rmdir } for  pid=3061 comm="systemd-homewor" name="rich" dev="sda3" ino=455283 scontext=system_u:system_r:systemd_homework_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:44:56 fedora audit[911]: AVC avc:  denied  { remove_name } for  pid=911 comm="systemd-homed" name="avatar" dev="sda3" ino=455285 scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
Oct 08 18:44:56 fedora audit[911]: AVC avc:  denied  { unlink } for  pid=911 comm="systemd-homed" name="avatar" dev="sda3" ino=455285 scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=file permissive=1
Oct 08 18:44:56 fedora audit[911]: AVC avc:  denied  { rmdir } for  pid=911 comm="systemd-homed" name="rich" dev="sda3" ino=455284 scontext=system_u:system_r:systemd_homed_t:s0 tcontext=system_u:object_r:systemd_homed_cache_t:s0 tclass=dir permissive=1
@zpytela zpytela merged commit 1c5e25f into fedora-selinux:rawhide Oct 21, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants