Who should be owner of /run/systemd/users/1000?? root or 1000?

Wed, 02 Nov 2022 06:19:50 -0700 

On one of my machines I noticed a bunch of little pop up 
messages that don't say much but say opps and that it is 
probable automatically being reported.

In looking at messages it shows a lot of things about 
seline and seems linked to /run/systemd/users/1000

Looking at directory, see it showing the owner as root 
and not 1000?

cd /run/systemd/users/
[root@setzconote users]# ls -l
-rw-r--r--. 1 root root 257 Oct 31 08:42 1000

looking at message log it says to run this command.
sealert -l c9b47966-9b7c-4eeb-a209-b8b4034caba9
SELinux is preventing dbus-daemon from read access on the file 1000.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that dbus-daemon should be allowed read access on the 1000 file 
by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'dbus-daemon' --raw | audit2allow -M my-dbusdaemon
# semodule -X 300 -i my-dbusdaemon.pp


Additional Information:
Source Context                system_u:system_r:gnome_atspi_t:s0-s0:c0.c1023
Target Context                system_u:object_r:systemd_logind_var_run_t:s0
Target Objects                1000 [ file ]
Source                        dbus-daemon
Source Path                   dbus-daemon
Port                          <Unknown>
Host                          setzco.dyndns.org
Source RPM Packages           
Target RPM Packages           
SELinux Policy RPM            selinux-policy-targeted-35.19-1.fc35.noarch
Local Policy RPM              selinux-policy-targeted-35.19-1.fc35.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Host Name                     setzco.dyndns.org
Platform                      Linux setzco.dyndns.org 6.0.5-100.fc35.x86_64 #1
                              SMP PREEMPT_DYNAMIC Wed Oct 26 16:27:59 UTC 2022
                              x86_64 x86_64
Alert Count                   43
First Seen                    2022-10-29 17:13:40 ChST
Last Seen                     2022-11-02 22:59:29 ChST
Local ID                      c9b47966-9b7c-4eeb-a209-b8b4034caba9

Raw Audit Messages
type=AVC msg=audit(1667393969.159:396): avc:  denied  { read } for  
pid=1494 comm="dbus-daemon" name="1000" dev="tmpfs" ino=1692 
scontext=system_u:system_r:gnome_atspi_t:s0-s0:c0.c1023 
tcontext=system_u:object_r:systemd_logind_var_run_t:s0 tclass=file 
permissive=1


Hash: dbus-daemon,gnome_atspi_t,systemd_logind_var_run_t,file,read

Other machines don't seem to show these messages, but 
haven't looked in logs. Seems it is only right after boot 
and login, and the fill about 3 screens full of messages, 
but then the just all close and normal desktop is left??


+------------------------------------------------------------+
 Michael D. Setzer II - Computer Science Instructor (Retired)     
 mailto:mi...@guam.net                            
 mailto:msetze...@gmail.com
 Guam - Where America's Day Begins                        
 G4L Disk Imaging Project maintainer 
 http://sourceforge.net/projects/g4l/
+------------------------------------------------------------+



_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to