September 2024 - openSUSE Bugs - openSUSE Mailing Lists

[Bug 1228281] [SELinux] need policy for snapper plugins
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1228281 https://bugzilla.suse.com/show_bug.cgi?id=1228281#c4 Zdenek Kubala <zkubala(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #4 from Zdenek Kubala <zkubala(a)suse.com> --- no denials found, closing. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1230000] The NVIDIA driver was unable to open 'libnvidia-glvkspirv.so.470.256.02'. This library is required at run time.
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1230000 https://bugzilla.suse.com/show_bug.cgi?id=1230000#c6 --- Comment #6 from Stefan Dirsch <sndirsch(a)suse.com> --- Ok. Complete shot in the dark. Try this: pushd /usr/lib64 sudo ln -snf libnvidia-glvkspirv.so.470.256.02 libnvidia-glvkspirv.so.1 sudo ln -snf libnvidia-glvkspirv.so.1 libnvidia-glvkspirv.so popd pushd /usr/lib sudo ln -snf libnvidia-glvkspirv.so.470.256.02 libnvidia-glvkspirv.so.1 sudo ln -snf libnvidia-glvkspirv.so.1 libnvidia-glvkspirv.so popd -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1230018] New: AUDIT-0: deepin-system-monitor: new dbus services of deepin-api-proxy
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1230018 Bug ID: 1230018 Summary: AUDIT-0: deepin-system-monitor: new dbus services of deepin-api-proxy Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team(a)suse.de Reporter: hillwoodroc(a)gmail.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- Created attachment 877090 --> https://bugzilla.suse.com/attachment.cgi?id=877090&action=edit new dbus service The deepin-system-monitor is a part of Deepin Desktop v23, I am going to bring it to Tumbleweed. Please check new dbus services and whitelist them, If these dbus services do not have security issues. OBS devel project: https://build.opensuse.org/package/show/X11:Deepin:Factory/deepin-system-mo… Upstream: https://github.com/linuxdeepin/deepin-system-monitor -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1229906] iperf3 segfault&abort when running the kernel self-test script
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1229906 Dirk Mueller <dmueller(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://github.com/esnet/ip | |erf/issues/1750 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1230004] Can't change the hostname via gnome-control-center
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1230004 https://bugzilla.suse.com/show_bug.cgi?id=1230004#c7 --- Comment #7 from Müller <hotel-brot.0z(a)icloud.com> --- I would like to point out that I expressed myself incorrectly. Richard doesn't agree to fix the bug specifically for aeon. he would prefer the bug to be fixed in general. I'm sorry I expressed myself incorrectly I'll try to prove tonight that selinux is the problem by turning it off briefly etc. I'm still at work at the moment -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1229965] U-Boot on HiFive Unmatched is lacking bootflow sub-commands
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1229965 https://bugzilla.suse.com/show_bug.cgi?id=1229965#c1 Andreas Schwab <schwab(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugzilla.suse.com/s | |how_bug.cgi?id=1226194 --- Comment #1 from Andreas Schwab <schwab(a)suse.de> --- It also lacks btrfs support. The choice of BOTTSTD_DEFAULTS vs BOOTSTD_FULL is an upstream issue. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1230004] Can't change the hostname via gnome-control-center
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1230004 https://bugzilla.suse.com/show_bug.cgi?id=1230004#c6 --- Comment #6 from Filippo Bonazzi <filippo.bonazzi(a)suse.com> --- Some pointers for further investigation: https://en.opensuse.org/Portal:SELinux/Troubleshooting SELinux bug report template and guidelines: https://en.opensuse.org/openSUSE:Bugreport_SELinux -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1230004] Can't change the hostname via gnome-control-center
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1230004 https://bugzilla.suse.com/show_bug.cgi?id=1230004#c5 Dario Faggioli <dfaggioli(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(hotel-brot.0z@icl | |oud.com) CC| |dfaggioli(a)suse.com, | |hotel-brot.0z(a)icloud.com --- Comment #5 from Dario Faggioli <dfaggioli(a)suse.com> --- Müller, have you verified that it's actually SELinux? I know that I mentioned myself that I seemed to recall that the problem came from it but, as we said in the channel, that needs to be verified and evidence reported. I'm not an expert of SELinux logs, but I'm not sure what you pasted contains enough evidences of that... Usually, one way of checking that is to set SELinux to permissive and see if what was failing becomes possible. If yes, then the investigation can continue in that direction. If not, it might be something else. Have you tried anything like that? -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1211374] AUDIT-WHITELIST: deepin-app-services: new dbus services of deepin-app-services
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1211374 https://bugzilla.suse.com/show_bug.cgi?id=1211374#c21 Matthias Gerstner <matthias.gerstner(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|AUDIT-STALE: |AUDIT-WHITELIST: |deepin-app-services: new |deepin-app-services: new |dbus services of |dbus services of |deepin-app-services |deepin-app-services --- Comment #21 from Matthias Gerstner <matthias.gerstner(a)suse.com> --- Yes this looks better now. I will whitelist this soon. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1230011] New: [SELinux] systemd ibft rule generator denials in sl micro 6.1
by bugzilla_noreply＠suse.com 02 Sep '24

02 Sep '24

https://bugzilla.suse.com/show_bug.cgi?id=1230011 Bug ID: 1230011 Summary: [SELinux] systemd ibft rule generator denials in sl micro 6.1 Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team(a)suse.de Reporter: cathy.hu(a)suse.com QA Contact: security-team(a)suse.de Target Milestone: --- Found By: --- Blocker: --- sl micro 6.1 e.g. https://openqa.suse.de/tests/15296630#step/health_check/29 avc: denied { write } for pid=1851 comm="mkdir" name="udev" dev="tmpfs" ino=70 scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 avc: denied { add_name } for pid=1851 comm="mkdir" name="rules.d" scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 avc: denied { create } for pid=1851 comm="mkdir" name="rules.d" scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 avc: denied { write } for pid=693 comm="mkdir" name="udev" dev="tmpfs" ino=58 scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 avc: denied { add_name } for pid=693 comm="mkdir" name="rules.d" scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 avc: denied { create } for pid=693 comm="mkdir" name="rules.d" scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 avc: denied { write } for pid=679 comm="mkdir" name="udev" dev="tmpfs" ino=58 scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 avc: denied { add_name } for pid=679 comm="mkdir" name="rules.d" scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 avc: denied { create } for pid=679 comm="mkdir" name="rules.d" scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 Overall unique AVCs: sle-micro/6.1 avc: denied { add_name } comm="mkdir" scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 avc: denied { create } comm="mkdir" scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 avc: denied { write } comm="mkdir" scontext=system_u:system_r:systemd_ibft_rule_generator_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=dir permissive=1 -- You are receiving this mail because: You are on the CC list for the bug.

1 0