I have just configured a 8GB swap file on my Fedora 31 laptop. But it seems that SELinux is blocking access to the swap file.
SELinux is preventing systemd-sleep from read access on the file fedora.swap.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that systemd-sleep should be allowed read access on the fedora.swap file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'systemd-sleep' --raw | audit2allow -M my-systemdsleep
# semodule -X 300 -i my-systemdsleep.pp
Additional Information:
Source Context system_u:system_r:init_t:s0
Target Context unconfined_u:object_r:swapfile_t:s0
Target Objects fedora.swap [ file ]
Source systemd-sleep
Source Path systemd-sleep
Port <Unknown>
Host localhost.HPNotebook
Source RPM Packages
Target RPM Packages
SELinux Policy RPM selinux-policy-3.14.4-50.fc31.noarch
Local Policy RPM selinux-policy-targeted-3.14.4-50.fc31.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name localhost.HPNotebook
Platform Linux localhost.HPNotebook 5.5.15-200.fc31.x86_64
#1 SMP Thu Apr 2 19:16:17 UTC 2020 x86_64 x86_64
Alert Count 1
First Seen 2020-04-13 21:12:22 IST
Last Seen 2020-04-13 21:12:22 IST
Local ID 39955636-b570-49ae-9286-ae92b49dc1c7
Raw Audit Messages
type=AVC msg=audit(1586792542.56:418): avc: denied { read } for pid=5603 comm="systemd-sleep" name="fedora.swap" dev="dm-1" ino=13 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:swapfile_t:s0 tclass=file permissive=0
Hash: systemd-sleep,init_t,swapfile_t,file,read
***** Plugin catchall (100. confidence) suggests **************************
If you believe that systemd-sleep should be allowed read access on the fedora.swap file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'systemd-sleep' --raw | audit2allow -M my-systemdsleep
# semodule -X 300 -i my-systemdsleep.pp
Additional Information:
Source Context system_u:system_r:init_t:s0
Target Context unconfined_u:object_r:swapfile_t:s0
Target Objects fedora.swap [ file ]
Source systemd-sleep
Source Path systemd-sleep
Port <Unknown>
Host localhost.HPNotebook
Source RPM Packages
Target RPM Packages
SELinux Policy RPM selinux-policy-3.14.4-50.fc31.noarch
Local Policy RPM selinux-policy-targeted-3.14.4-50.fc31.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name localhost.HPNotebook
Platform Linux localhost.HPNotebook 5.5.15-200.fc31.x86_64
#1 SMP Thu Apr 2 19:16:17 UTC 2020 x86_64 x86_64
Alert Count 1
First Seen 2020-04-13 21:12:22 IST
Last Seen 2020-04-13 21:12:22 IST
Local ID 39955636-b570-49ae-9286-ae92b49dc1c7
Raw Audit Messages
type=AVC msg=audit(1586792542.56:418): avc: denied { read } for pid=5603 comm="systemd-sleep" name="fedora.swap" dev="dm-1" ino=13 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:swapfile_t:s0 tclass=file permissive=0
Hash: systemd-sleep,init_t,swapfile_t,file,read
--
The above is the message I got from the SELinux trouble shooter.
This is the screenshot of the problem: https://imgur.com/a/1x55clI
What can I do ?
I don't know a whole lot about SELinux, do I have to add a label or something?
Please help.
Thanks.
Regards,
Sreyan Chakravarty
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
