https://bugzilla.suse.com/show_bug.cgi?id=1224120
https://bugzilla.suse.com/show_bug.cgi?id=1224120#c4
--- Comment #4 from Zdenek Kubala ---
I tried to reproduce snapper AVCs on clean MicroOS but so far without success.
localhost:~ # snapper list
# │ Type │ Pre # │ Date │ User │ Used Space │ Cleanup │
Description │ Userdata
───┼────────┼───────┼──────────────────────────┼──────┼────────────┼─────────┼───────────────────────┼─────────
0 │ single │ │ │ root │ │ │
current │
1 │ single │ │ Fri May 24 09:24:42 2024 │ root │ 113.16 MiB │ │
first root filesystem │
2* │ single │ │ Mon May 27 10:41:03 2024 │ root │ 129.81 MiB │ number │
Snapshot Update of #1 │
localhost:~ # ausearch -m AVC,USER_AVC,SELINUX_ERR,USER_SELINUX_ERR -ts boot
<no matches>
localhost:~ # sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
localhost:~ # zypper info selinux-policy
Loading repository data...
Reading installed packages...
Information for package selinux-policy:
---------------------------------------
Repository : openSUSE-Tumbleweed-Oss
Name : selinux-policy
Version : 20240321-1.2
Arch : noarch
Vendor : openSUSE
Installed Size : 24.8 KiB
Installed : Yes (automatically)
Status : up-to-date
Source package : selinux-policy-20240321-1.2.src
Upstream URL : https://github.com/fedora-selinux/selinux-policy.git
Summary : SELinux policy configuration
Description :
SELinux Reference Policy. A complete SELinux policy that can be used
as the system policy for a variety of systems and used as the basis for
creating other policies.
localhost:~ # ausearch -m AVC,USER_AVC,SELINUX_ERR,USER_SELINUX_ERR -ts boot
<no matches>
--
You are receiving this mail because:
You are on the CC list for the bug.