SELinux security alert keeps flashing
at the top of the screen
and disrupts the function of the system,
so much that
I cannot use
fedora 41 workstation!
I have no idea what
iii-sensor-prox
does,
If it is dangerous, or useful.
Plugin catchall (100. confidence) suggests **********************
If you believe that iio-sensor-prox should be allowed create access on unix_dgram_socket labeled iiosensorproxy_t by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'iio-sensor-prox' --raw | audit2allow -M my-iiosensorprox
# semodule -X 300 -i my-iiosensorprox.pp
Additional Information:
Source Context system_u:system_r:iiosensorproxy_t:s0
Target Context system_u:system_r:iiosensorproxy_t:s0
Target Objects Unknown [ unix_dgram_socket ]
Source iio-sensor-prox
Source Path iio-sensor-prox
Port <Unknown>
Host fedora
Source RPM Packages
Target RPM Packages
SELinux Policy RPM selinux-policy-targeted-41.24-1.fc41.noarch
Local Policy RPM selinux-policy-targeted-41.24-1.fc41.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name fedora
Platform Linux fedora 6.11.7-300.fc41.x86_64 #1 SMP
PREEMPT_DYNAMIC Fri Nov 8 19:23:10 UTC 2024
x86_64
Alert Count 240
First Seen 2024-11-11 16:50:41 EET
Last Seen 2024-11-11 16:59:33 EET
Local ID e3820aba-cf61-40a1-be33-4a092aecb5ad
Raw Audit Messages
type=AVC msg=audit(1731337173.637:534): avc: denied { create } for pid=836 comm="iio-sensor-prox" scontext=system_u:system_r:iiosensorproxy_t:s0 tcontext=system_u:system_r:iiosensorproxy_t:s0 tclass=unix_dgram_socket permissive=0
Hash: iio-sensor-prox,iiosensorproxy_t,iiosensorproxy_t,unix_dgram_socket,create