Bug 1225984 - [SELinux] GDM avcs for wtmp.db-journal
Summary: [SELinux] GDM avcs for wtmp.db-journal
Status: RESOLVED FIXED
Alias: None
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Security
Version: Current
Hardware: Other openSUSE Tumbleweed
Priority: P5 - None
Severity: Normal
Target Milestone: ---
Assignee: Cathy Hu
QA Contact: Security Team bot
Reported: 2024-06-05 08:25 UTC by Filippo Bonazzi
Modified: 2024-07-02 11:55 UTC
Description Filippo Bonazzi 2024-06-05 08:25:37 UTC
Operating System: Tumbleweed
SELinux status, mode and policy name: permissive, targeted
SELinux policy version and repository: 20240411-231.2 from Security:SELinux
The software (incl. version) that is affected by the SELinux issue and the error message: gdm-session-worker
SELinux Audit log:

time->Wed Jun  5 10:05:30 2024
type=AVC msg=audit(1717574730.824:139): avc:  denied  { add_name } for  pid=1704 comm="gdm-session-wor" name="wtmp.db-journal" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:wtmp_t:s0 tclass=dir permissive=1
----
time->Wed Jun  5 10:05:30 2024
type=AVC msg=audit(1717574730.824:140): avc:  denied  { create } for  pid=1704 comm="gdm-session-wor" name="wtmp.db-journal" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:wtmp_t:s0 tclass=file permissive=1
----
time->Wed Jun  5 10:05:30 2024
type=AVC msg=audit(1717574730.824:141): avc:  denied  { setattr } for  pid=1704 comm="gdm-session-wor" name="wtmp.db-journal" dev="vda2" ino=158633 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:wtmp_t:s0 tclass=file permissive=1
----
time->Wed Jun  5 10:05:30 2024
type=AVC msg=audit(1717574730.961:142): avc:  denied  { remove_name } for  pid=1704 comm="gdm-session-wor" name="wtmp.db-journal" dev="vda2" ino=158633 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:wtmp_t:s0 tclass=dir permissive=1
----
time->Wed Jun  5 10:05:30 2024
type=AVC msg=audit(1717574730.961:143): avc:  denied  { unlink } for  pid=1704 comm="gdm-session-wor" name="wtmp.db-journal" dev="vda2" ino=158633 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:wtmp_t:s0 tclass=file permissive=1
Comment 1 Cathy Hu 2024-07-01 14:00:49 UTC
done, closing
Comment 2 OBSbugzilla Bot 2024-07-02 11:55:05 UTC
This is an autogenerated message for OBS integration:
This bug (1225984) was mentioned in
https://build.opensuse.org/request/show/1184840 Factory / selinux-policy