Bug ID | 1201015 |
---|---|
Summary | transactional-update can't run with selinux=permissive under cloud-init |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | Current |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | security-team@suse.de |
Reporter | fcrozat@suse.com |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
On openSUSE MicroOS, openstack flavor, I can't run transactional-updates from cloud-init when SELinux is in enforcing mode: type=USER_AVC msg=audit(1656516575.658:44): pid=565 uid=483 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.15 spid=1393 tpid=1392 scontext=system_u:system_r:snapperd_t:s0 tcontext=system_u:system_r:cloud_init_t:s0 tclass=dbus permissive=0 exe="/usr/bin/dbus-daemon" sauid=483 hostname=? addr=? terminal=?'