Estou recebendo este erro no meu CentOS 7 desktop. A seguir, o log detalhado.
SELinux is preventing /usr/sbin/abrtd from create access on the lnk_file .lock.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that abrtd should be allowed create access on the .lock lnk_file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'abrtd' --raw | audit2allow -M my-abrtd
# semodule -i my-abrtd.pp
Additional Information:
Source Context system_u:system_r:abrt_t:s0-s0:c0.c1023
Target Context system_u:object_r:var_spool_t:s0
Target Objects .lock [ lnk_file ]
Source abrtd
Source Path /usr/sbin/abrtd
Port <Unknown>
Host bilesh.intra.2pirad.com
Source RPM Packages abrt-dbus-2.1.11-48.el7.centos.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.13.1-166.el7_4.7.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name bilesh.intra.2pirad.com
Platform Linux bilesh.intra.2pirad.com
3.10.0-693.17.1.el7.x86_64 #1 SMP Thu Jan 25
20:13:58 UTC 2018 x86_64 x86_64
Alert Count 249
First Seen 2018-02-05 10:18:25 IST
Last Seen 2018-03-09 10:57:07 IST
Local ID 912e2a18-e121-4ff5-b14f-13862b277958
Raw Audit Messages
type=AVC msg=audit(1520573227.768:410): avc: denied { create } for pid=4784 comm="abrt-dbus" name=".lock" scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_spool_t:s0 tclass=lnk_file
type=SYSCALL msg=audit(1520573227.768:410): arch=x86_64 syscall=symlinkat success=no exit=EACCES a0=7ffd63ccc850 a1=6 a2=7fe935f0a9d2 a3=0 items=0 ppid=1 pid=4784 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=abrt-dbus exe=/usr/sbin/abrt-dbus subj=system_u:system_r:abrt_t:s0-s0:c0.c1023 key=(null)
Hash: abrtd,abrt_t,var_spool_t,lnk_file,create
Como sugerido, tentei executar o seguinte comando, mas também não funcionou.
sudo ausearch -c 'abrtd' --raw | audit2allow -M my-abrtd
retorna o seguinte erro
could not write output file: [Errno 13] Permission denied: 'my-abrtd.te'
Estou precisando de orientação.
Atualização # 1
Como apontado por garethTheRed, o comando canalizado não tem permissão.
You are running
ausearch
as root with sudo, but you are piping that toaudit2allow
which won't be running as root. That tries to write to the current directory as your regular user, who doesn't have write access to it.
A seguir estão os comandos que eu executei.
$ sudo ausearch -c 'abrtd' --raw | sudo audit2allow -M my-abrtd
$ sudo semodule -i my-abrtd.pp
Mas isso não resolveu o problema. Ainda estou recebendo o mesmo erro.