F30 logwatch gets selinux error

Wed, 21 Aug 2019 13:29:39 -0700

I get this error every few days.  Is this some permission I have not set or a bug to report: 

SELinux is preventing mkdir from using the dac_override capability.

*****  Plugin dac_override (91.4 confidence) suggests **********************
If you want to help identify if domain needs this access or you have a file with the wrong permissions on your system Then turn on full auditing to get path information about the offending file and generate the error again. 
Do

Turn on full auditing
# auditctl -w /etc/shadow -p w
Try to recreate AVC. Then execute
# ausearch -m avc -ts recent
If you see PATH record check ownership/permissions on file, and fix it,
otherwise report as a bugzilla.

*****  Plugin catchall (9.59 confidence) suggests **************************
If you believe that mkdir should have the dac_override capability by default. 
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'mkdir' --raw | audit2allow -M my-mkdir
# semodule -X 300 -i my-mkdir.pp

Additional Information:
Source Context system_u:system_r:logwatch_mail_t:s0-s0:c0.c1023
Target Context system_u:system_r:logwatch_mail_t:s0-s0:c0.c1023
Target Objects                Unknown [ capability ]
Source                        mkdir
Source Path                   mkdir
Port                          <Unknown>
Host                          lx140e.htt-consult.com
Source RPM Packages
Target RPM Packages
Policy RPM                    selinux-policy-3.14.3-43.fc30.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     lx140e.htt-consult.com
Platform                      Linux lx140e.htt-consult.com 5.2.8-200.fc30.x86_64                               #1 SMP Sat Aug 10 13:21:39 UTC 2019 x86_64 x86_64 
Alert Count                   145
First Seen                    2019-06-26 03:29:06 EDT
Last Seen                     2019-08-21 03:13:07 EDT
Local ID                      94d550fd-c6a6-4fd9-aad1-30548760cfe0

Raw Audit Messages
type=AVC msg=audit(1566371587.548:885): avc:  denied  { dac_override } for  pid=1145 comm="sendmail" capability=1 scontext=system_u:system_r:logwatch_mail_t:s0-s0:c0.c1023 tcontext=system_u:system_r:logwatch_mail_t:s0-s0:c0.c1023 tclass=capability permissive=0 


Hash: mkdir,logwatch_mail_t,logwatch_mail_t,capability,dac_override

_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org

Reply via email to