Hi Vadym, here are 2 bugs which describe similar symptoms: * https://bugzilla.redhat.com/show_bug.cgi?id=1014315 (Fedora) * https://bugzilla.redhat.com/show_bug.cgi?id=1132411 (RHEL-7) Milos Malik ----- Original Message ----- > Hi, > > I stumbled on a case in RHEL7, where selinux blocks calls to systemd > I know it's SELinux, because everything work properly after setenforce 0 > > I added a simple manifest rules to puppet: > > exec { 'update TZ': > command => "/bin/timedatectl set-timezone ${timezone}", > unless => "/bin/timedatectl status | /bin/grep -q ${timezone}", > } > > what's interesting, even after I ran > > semodule --disable_dontaudit --build > > I don't see any denials. > > But then I created a simple cron job : > > # cat /etc/cron.d/debug > > * * * * * root /bin/timedatectl status &> /tmp/timedatectl.status > > # cat /tmp/timedatectl.status > > Failed to issue method call: Did not receive a reply. Possible causes > include: the remote application did not send a reply, the message bus > security policy blocked the reply, the reply timeout expired, or the > network connection was broken. > > So it's not only puppet related. > > Is this intended behavior? Some boolean I have to change? > > > Thanks, > > Vadym > > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
