Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1808527
Summary: | SELinux prevents usbguard from logging via Linux audit subsystem | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Milos Malik <mmalik> |
Component: | usbguard | Assignee: | Daniel Kopeček <dkopecek> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 32 | CC: | dkopecek, rsroka |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | usbguard-0.7.8-1.fc32 usbguard-0.7.8-1.fc31 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2020-07-03 01:18:25 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Milos Malik
2020-02-28 18:07:55 UTC
---- type=PROCTITLE msg=audit(02/28/2020 13:08:18.364:499) : proctitle=/usr/sbin/usbguard-daemon -k -c /etc/usbguard/usbguard-daemon.conf type=SYSCALL msg=audit(02/28/2020 13:08:18.364:499) : arch=x86_64 syscall=socket success=yes exit=9 a0=netlink a1=SOCK_RAW a2=igp a3=0x20 items=0 ppid=1 pid=2217 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=usbguard-daemon exe=/usr/sbin/usbguard-daemon subj=system_u:system_r:usbguard_t:s0 key=(null) type=AVC msg=audit(02/28/2020 13:08:18.364:499) : avc: denied { create } for pid=2217 comm=usbguard-daemon scontext=system_u:system_r:usbguard_t:s0 tcontext=system_u:system_r:usbguard_t:s0 tclass=netlink_audit_socket permissive=1 ---- type=PROCTITLE msg=audit(02/28/2020 13:08:18.366:500) : proctitle=/usr/sbin/usbguard-daemon -k -c /etc/usbguard/usbguard-daemon.conf type=SOCKADDR msg=audit(02/28/2020 13:08:18.366:500) : saddr={ saddr_fam=netlink nlnk-fam=16 nlnk-pid=0 } type=SYSCALL msg=audit(02/28/2020 13:08:18.366:500) : arch=x86_64 syscall=sendto success=yes exit=652 a0=0x9 a1=0x7fff6cca1a80 a2=0x28c a3=0x0 items=0 ppid=1 pid=2217 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=usbguard-daemon exe=/usr/sbin/usbguard-daemon subj=system_u:system_r:usbguard_t:s0 key=(null) type=AVC msg=audit(02/28/2020 13:08:18.366:500) : avc: denied { nlmsg_relay } for pid=2217 comm=usbguard-daemon scontext=system_u:system_r:usbguard_t:s0 tcontext=system_u:system_r:usbguard_t:s0 tclass=netlink_audit_socket permissive=1 ---- FEDORA-2020-f502be60a4 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-f502be60a4 FEDORA-2020-c30d6afc1c has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2020-c30d6afc1c FEDORA-2020-c30d6afc1c has been pushed to the Fedora 31 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-c30d6afc1c` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-c30d6afc1c See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2020-f502be60a4 has been pushed to the Fedora 32 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-f502be60a4` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-f502be60a4 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2020-f502be60a4 has been pushed to the Fedora 32 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2020-c30d6afc1c has been pushed to the Fedora 31 stable repository. If problem still persists, please make note of it in this bug report. |