I just did:
dnf install gftp fping mplayer wireshar* youtube-dl
And got:
SELinux is preventing pool from getattr access on the file /etc/gshadow.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that pool should be allowed getattr access on the gshadow file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'pool' --raw | audit2allow -M my-pool # semodule -X 300 -i my-pool.pp
Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context system_u:object_r:shadow_t:s0 Target Objects /etc/gshadow [ file ] Source pool Source Path pool Port <Unknown> Host lx121e.htt-consult.com Source RPM Packages Target RPM Packages setup-2.11.4-1.fc28.noarch Policy RPM selinux-policy-3.14.1-29.fc28.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name lx121e.htt-consult.com Platform Linux lx121e.htt-consult.com 4.16.11-300.fc28.x86_64 #1 SMP Tue May 22 18:29:09 UTC 2018 x86_64 x86_64 Alert Count 6 First Seen 2018-05-29 17:13:56 EDT Last Seen 2018-05-30 08:03:31 EDT Local ID b3355fe8-15e5-4422-9ccf-8794cd452416
Raw Audit Messages type=AVC msg=audit(1527681811.138:906): avc: denied { getattr } for pid=15866 comm="pool" path="/etc/gshadow" dev="sda3" ino=140981 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0
Hash: pool,thumb_t,shadow_t,file,getattr
=============
Groups wireshark and usbmon have been added to /etc/groups...
So is this a bug? and with what? WIreshark? pool? something else?
thanks
-
Robert Moskowitz