Skip to content
This repository has been archived by the owner on Dec 9, 2022. It is now read-only.

org.freedesktop.DBus.Error.AccessDenied #68

Open
ghost opened this issue Feb 2, 2018 · 0 comments
Open

org.freedesktop.DBus.Error.AccessDenied #68

ghost opened this issue Feb 2, 2018 · 0 comments

Comments

@ghost
Copy link

ghost commented Feb 2, 2018
edited by ghost
Loading

My server is CentOS 7.4. I installed setroubleshoot-server (Version is 3.2.28.) via yum, so that cockpit can collect SELinux alerts. Then I find some error logs in /var/log/message:

Feb  1 23:29:32 0x01 dbus[524]: [system] Rejected send message, 1 matched rules; type="method_call", sender=":1.338" (uid=1000 pid=13163 comm="cockpit-bridge ") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination="org.fedoraproject.SetroubleshootFixit" (uid=0 pid=13598 comm="/usr/bin/python /usr/share/setroubleshoot/Setroubl")
Feb  1 23:29:32 0x01 dbus-daemon: dbus[524]: [system] Rejected send message, 1 matched rules; type="method_call", sender=":1.338" (uid=1000 pid=13163 comm="cockpit-bridge ") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination="org.fedoraproject.SetroubleshootFixit" (uid=0 pid=13598 comm="/usr/bin/python /usr/share/setroubleshoot/Setroubl")
Feb  1 23:29:32 0x01 dbus[524]: [system] Rejected send message, 1 matched rules; type="method_call", sender=":1.338" (uid=1000 pid=13163 comm="cockpit-bridge ") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination="org.fedoraproject.SetroubleshootFixit" (uid=0 pid=13598 comm="/usr/bin/python /usr/share/setroubleshoot/Setroubl")
Feb  1 23:29:32 0x01 dbus-daemon: dbus[524]: [system] Rejected send message, 1 matched rules; type="method_call", sender=":1.338" (uid=1000 pid=13163 comm="cockpit-bridge ") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination="org.fedoraproject.SetroubleshootFixit" (uid=0 pid=13598 comm="/usr/bin/python /usr/share/setroubleshoot/Setroubl")

Also, I try to run setroubleshootd with root, the shell shows the following message:

org.freedesktop.DBus.Error.AccessDenied: Connection ":1.454" is not allowed to own the service "org.fedoraproject.Setroubleshootd" due to security policies in the configuration file

I inserted <allow own="org.fedoraproject.Setroubleshootd"/> into /etc/dbus-1/system.d/org.fedoraproject.Setroubleshootd.conf:

......
<policy user="root">
        <allow own="org.fedoraproject.Setroubleshootd"/>
        <allow send_destination="org.fedoraproject.Setroubleshootd"/>
</policy>
......

After server reboot, I try to run setroubleshoot again, there's no error message displayed.

However, I'm not good at DBus and Setroubleshoot, so I'm nor sure the line I inserted will solve the problem or make another big security chaos.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
0 participants