Running Fedora-33 Server connected to freeipa I am getting the following message multiple times. Selinux is in permissive mode now so I can try to find the issue.
setroubleshoot[19251]: SELinux is preventing (-userdbd) from remount access on the filesystem . For complete SELinux messages run: sealert -l 8aae00eb-7e96-4d10-99aa-83de15990002
OUTPUT
SELinux is preventing (-userdbd) from remount access on the filesystem .
***** Plugin catchall (100. confidence) suggests **************************
If you believe that (-userdbd) should be allowed remount access on the filesystem by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c '(-userdbd)' --raw | audit2allow -M my-userdbd
# semodule -X 300 -i my-userdbd.pp
Additional Information:
Source Context system_u:system_r:init_t:s0
Target Context system_u:object_r:httpd_sys_content_t:s0
Target Objects [ filesystem ]
Source (-userdbd)
Source Path (-userdbd)
Port
Host pi.thillo.lan
Source RPM Packages
Target RPM Packages
SELinux Policy RPM selinux-policy-targeted-3.14.6-29.fc33.noarch
Local Policy RPM selinux-policy-targeted-3.14.6-29.fc33.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Permissive
Host Name pi.thillo.lan
Platform Linux pi.thillo.lan 5.8.17-300.fc33.aarch64 #1 SMP
Thu Oct 29 15:47:23 UTC 2020 aarch64 aarch64
Alert Count 74
First Seen 2020-10-28 10:26:58 CET
Last Seen 2020-11-06 07:39:18 CET
Local ID 8aae00eb-7e96-4d10-99aa-83de15990002
Raw Audit Messages
type=AVC msg=audit(1604644758.437:3964): avc: denied { remount } for pid=19230 comm="(ostnamed)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=filesystem permissive=1
Hash: (-userdbd),init_t,httpd_sys_content_t,filesystem,remount
Does anyone know how I can do further debugging or point me to a possible solution?