Bug ID 1201015
Summary transactional-update can't run with selinux=permissive under cloud-init
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter fcrozat@suse.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

On openSUSE MicroOS, openstack flavor, I can't run transactional-updates from
cloud-init when SELinux is in enforcing mode:

type=USER_AVC msg=audit(1656516575.658:44): pid=565 uid=483 auid=4294967295
ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: 
denied  { send_msg } for msgtype=method_return dest=:1.15 spid=1393 tpid=1392
scontext=system_u:system_r:snapperd_t:s0
tcontext=system_u:system_r:cloud_init_t:s0 tclass=dbus permissive=0 
exe="/usr/bin/dbus-daemon" sauid=483 hostname=? addr=? terminal=?'

You are receiving this mail because: