Fedora 27 workstation. I'm getting selinux AVC denial messages in the
journal as a result of user-1000.journal having label
system_u:object_r:unlabeled_t:s0. It's the only log file with that
label, the other files and the directory its in have
system_u:object_r:var_log_t:s0.
The AVC message of course go away if I relabel /var/log/journal but
then maybe two weeks later the problem starts happening again when the
log gets rotated. For whatever reason this is not happening with the
system.journal.
Dec 15 15:54:47 f27h.localdomain audit[640]: AVC avc: denied { read
write } for pid=640 comm="systemd-journal" name="user-1000.journal"
dev="nvme0n1p9" ino=1174 scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
Is this a systemd or selinux-policy bug? Or other?
--
Chris Murphy
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
