I have a problem in F23 (that wasn't in F22), where getmail (or its feed
into qmail) doesn't work in enforcing mode. I first tried using audit2allow
to whitelist all of the avcs. That didn't work. Then I used semodule -DB
in case there was a don't audit rule and then used audit2allow again to
get the data for a local semodule and it still didn't work. I am seeing
a user avc in the logs, that I suspect isn't getting handled by
audit2allow, but I am not sure how to say its OK or change things so I
don't hit it:
type=USER_AVC msg=audit(1443471901.485:584): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
I tried searching for some of the text, but I didn't find any relevant
references.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
