On (15/03/22 18:45), Brian J. Murrell wrote:
I am getting some SELinux AVC alerts for a given process in a given
domain that seems to want to be able to read files in /var/lib/sss/.
strace(1)ing the (unprivileged) process it seem to want to do the following:
4024612 openat(AT_FDCWD, "/var/lib/sss/mc/passwd", O_RDONLY|O_CLOEXEC) = -1
EACCES (Permission denied)
Could you share ful reposort fom audit ?
e.g. ausearch -m AVC
Could you share SELinux context of affected files and directories?
e.g.
ls -lZ /var/lib/sss/ /var/lib/sss/*/
LS