On Tue, 21 Mar 2023 21:50:22 +0100 Patrick Dupre pdupre@gmx.com wrote:
I get the following SELinux security alert which seems to be difficult to fix because of the number of things to do.
I don't understand why you think two things to do is difficult.
Because, every time that I make semanage fcontext -a -t syslog_conf_t '/var/usermin/miniserv.pid' semanage fcontext -a -t NetworkManager_dispatcher_exec_t '/var/usermin/miniserv.pid' semanage fcontext -a -t NetworkManager_initrc_exec_t '/var/usermin/miniserv.pid' etc..
I get ValueError: File context for /var/usermin/miniserv.pid already defined
restorecon -v '/var/usermin/miniserv.pid' Relabeled /var/usermin/miniserv.pid from system_u:object_r:var_t:s0 to system_u:object_r:NetworkManager_dispatcher_console_var_run_t:s
semodule -X 300 -i my-systemd.pp libsemanage.semanage_direct_install_info: A higher priority my-systemd module exists at priority 400 and will override the module currently being installed at priority 300.
But, it always come back. I cannot get ride of the alerts
What if you try this? # ausearch -c 'systemd' --raw | audit2allow -M my-miniserv-systemd # semodule -X 450 -i my-miniserv-systemd.pp