http://bugzilla.opensuse.org/show_bug.cgi?id=1210121 Bug ID: 1210121 Summary: SELinux possible missing policies for systemd-localed and systemd-hostnamed Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: All OS: openSUSE Tumbleweed Status: NEW Severity: Minor Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: khanich.opensource@gmx.de QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- tested on: openSUSE microOS Raspberry Pi 4 On a fresh install of microOS, systemd-localed and systemd-hostnamed can only answer dbus calls via localectl and hostnamectl respectively if you run it as root yourself. If you let a script call them, localectl and hostnamectl time out and I get a USER_AVC that systemd-localed and systemd-hostnamed got blocked. If I add the policies "allow systemd_hostnamed_t initrc_t:dbus send_msg;" and "allow systemd_localed_t initrc_t:dbus send_msg;" respectively, this doesn't happen. So, my question is, if it is intended that hostnamed and localed can't answer or if that is unintended. -- You are receiving this mail because: You are on the CC list for the bug.