Bonjour,
ce matin mise à jour du kernel 4.12.5-300.fc26.x86_64.
J'ai SELinux en authoritativ.
au reboot 8 alertes.
SELinux is preventing mkdir from write access on the directory /root
SELinux is preventing accounts-daemon from using the dac_read_search capability
SELinux is preventing unix_chkpwd from using the dac_read_search capability
SELinux is preventing rpc.statd from using the dac_read_search capability
SELinux is preventing unix_chkpwd from using the dac_read_search capability
SELinux is preventing systemd-logind from using the dac_read_search capability
SELinux is preventing systemd-tmpfile from using the dac_read_search capability
SELinux is preventing /usr/bin/rpcbind from using the dac_read_search capability
Dois-je faire un par un ? ou attendre une remise à jour des contexts ?
Vous pouvez générer un module de stratégie local pour autoriser cet accès.
Do
allow this access for now by executing:
# ausearch -c 'mkdir' --raw | audit2allow -M my-mkdir
# semodule -X 300 -i my-mkdir.pp
Bonne soirée