Created
November 21, 2019 18:11
-
-
Save ohadlevy/19a62673bc17b2fd10c1761e8fe24df0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SELinux is preventing 11-dhclient from add_name access on the directory ntp.conf.predhclient.wlp58s0. | |
***** Plugin catchall (100. confidence) suggests ************************** | |
If you believe that 11-dhclient should be allowed add_name access on the ntp.conf.predhclient.wlp58s0 directory by default. | |
Then you should report this as a bug. | |
You can generate a local policy module to allow this access. | |
Do | |
allow this access for now by executing: | |
# ausearch -c '11-dhclient' --raw | audit2allow -M my-11dhclient | |
# semodule -X 300 -i my-11dhclient.pp | |
Additional Information: | |
Source Context system_u:system_r:NetworkManager_t:s0 | |
Target Context system_u:object_r:dhcpc_state_t:s0 | |
Target Objects ntp.conf.predhclient.wlp58s0 [ dir ] | |
Source 11-dhclient | |
Source Path 11-dhclient | |
Port <Unknown> | |
Host ohad | |
Source RPM Packages | |
Target RPM Packages | |
Policy RPM selinux-policy-3.14.4-40.fc31.noarch | |
Selinux Enabled True | |
Policy Type targeted | |
Enforcing Mode Enforcing | |
Host Name ohad | |
Platform Linux ohad 5.3.11-300.fc31.x86_64 #1 SMP Tue Nov | |
12 19:08:07 UTC 2019 x86_64 x86_64 | |
Alert Count 20 | |
First Seen 2019-11-19 20:30:32 IST | |
Last Seen 2019-11-21 19:39:43 IST | |
Local ID 2efa3eb0-96f1-41fa-b734-e369bd45bc9f | |
Raw Audit Messages | |
type=AVC msg=audit(1574357983.779:764): avc: denied { add_name } for pid=30302 comm="touch" name="ntp.conf.predhclient.wlp58s0" scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:dhcpc_state_t:s0 tclass=dir permissive=0 | |
Hash: 11-dhclient,NetworkManager_t,dhcpc_state_t,dir,add_name |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment