Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1554001
Summary: | SELinux is preventing logrotate from using the 'dac_override' capabilities. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Nicolas Mailhot <nicolas.mailhot> |
Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 29 | CC: | bugzilla, dwalsh, lvrabec, mgrepl, nicolas.mailhot, plautrba, pmoore, vondruch |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Unspecified | ||
Whiteboard: | abrt_hash:999678531a28550d4bb624a7552e9faa0d821e1dade5e14526fc06578e278904;VARIANT_ID=workstation; | ||
Fixed In Version: | selinux-policy-3.14.2-15.fc29 selinux-policy-3.14.2-34.fc29 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-09-12 02:58:50 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Nicolas Mailhot
2018-03-10 16:29:02 UTC
***** Plugin dac_override (91.4 confidence) suggests ********************** Si vous souhaitez identifier si le domaine nécessite cet accès ou si vous possédez un fichier avec les mauvaises permissions sur votre système Then activez le contrôle complet pour obtenir les informations de chemin du fichier fautif et générer l'erreur à nouveau. Do Activer le contrôle complet # auditctl -w /etc/shadow -p w Tentez de recréer AVC. Puis exécutez # ausearch -m avc -ts recent Si vous voyez un enregistrement PATH, vérifiez les propriétés/permissions du fichier, et corrigez-les, sinon veuillez effectuer un rapport bugzilla. Seems like this is a dup of 1539327? This bug appears to have been reported against 'rawhide' during the Fedora 29 development cycle. Changing version to '29'. selinux-policy-3.14.2-34.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2018-db240a1726 selinux-policy-3.14.2-34.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report. The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days |