https://bugzilla.suse.com/show_bug.cgi?id=1225984 Bug ID: 1225984 Summary: [SELinux] GDM avcs for wtmp.db-journal Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: openSUSE Tumbleweed Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: filippo.bonazzi@suse.com QA Contact: security-team@suse.de Target Milestone: --- Found By: --- Blocker: --- Operating System: Tumbleweed SELinux status, mode and policy name: permissive, targeted SELinux policy version and repository: 20240411-231.2 from Security:SELinux The software (incl. version) that is affected by the SELinux issue and the error message: gdm-session-worker SELinux Audit log: time->Wed Jun 5 10:05:30 2024 type=AVC msg=audit(1717574730.824:139): avc: denied { add_name } for pid=1704 comm="gdm-session-wor" name="wtmp.db-journal" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:wtmp_t:s0 tclass=dir permissive=1 ---- time->Wed Jun 5 10:05:30 2024 type=AVC msg=audit(1717574730.824:140): avc: denied { create } for pid=1704 comm="gdm-session-wor" name="wtmp.db-journal" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:wtmp_t:s0 tclass=file permissive=1 ---- time->Wed Jun 5 10:05:30 2024 type=AVC msg=audit(1717574730.824:141): avc: denied { setattr } for pid=1704 comm="gdm-session-wor" name="wtmp.db-journal" dev="vda2" ino=158633 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:wtmp_t:s0 tclass=file permissive=1 ---- time->Wed Jun 5 10:05:30 2024 type=AVC msg=audit(1717574730.961:142): avc: denied { remove_name } for pid=1704 comm="gdm-session-wor" name="wtmp.db-journal" dev="vda2" ino=158633 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:wtmp_t:s0 tclass=dir permissive=1 ---- time->Wed Jun 5 10:05:30 2024 type=AVC msg=audit(1717574730.961:143): avc: denied { unlink } for pid=1704 comm="gdm-session-wor" name="wtmp.db-journal" dev="vda2" ino=158633 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:wtmp_t:s0 tclass=file permissive=1 -- You are receiving this mail because: You are on the CC list for the bug.