Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

selinux #3673

Merged
merged 1 commit into from
Oct 7, 2024
Merged

selinux #3673

merged 1 commit into from
Oct 7, 2024

Conversation

idarlund
Copy link
Contributor

@idarlund idarlund commented Aug 21, 2024
edited
Loading

documentation was lacking information on security context to binary which resulted SELinux based distros to deny execution trough service. I've added documentation how to fix this without turning SELinux off.

Closes #3700

@izanbard
Copy link

Nice work

@idarlund
Copy link
Contributor Author

idarlund commented Aug 21, 2024
edited
Loading

Just to add some more context to this PR. This is the log message you'll see in the audit log if security context on the binary is not set correctly:

type=AVC msg=audit(1724228637.075:372): avc: denied { execute } for pid=36219 comm="(mediamtx)" name="mediamtx" dev="dm-0" ino=135307595 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0

@idarlund idarlund changed the title selinux selinux fixes #3700 Aug 27, 2024
@idarlund idarlund changed the title selinux fixes #3700 selinux Aug 27, 2024
@aler9 aler9 merged commit 51e5f9c into bluenviron:main Oct 7, 2024
6 checks passed
@aler9
Copy link
Member

aler9 commented Oct 7, 2024

merged, thanks

@codecov Codecov
Copy link

codecov bot commented Oct 7, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 55.87%. Comparing base (3700d5e) to head (592a292).
Report is 57 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3673      +/-   ##
==========================================
- Coverage   57.03%   55.87%   -1.16%     
==========================================
  Files         191      194       +3     
  Lines       19273    19557     +284     
==========================================
- Hits        10992    10928      -64     
- Misses       7445     7792     +347     
- Partials      836      837       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Oct 7, 2024

This issue is mentioned in release v1.9.2 🚀
Check out the entire changelog by clicking here

@BrewTestBot BrewTestBot mentioned this pull request Oct 7, 2024
Merged
@idarlund idarlund deleted the patch-1 branch October 7, 2024 22:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ariesbeck ariesbeck ariesbeck approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

SELinux is denying service
4 participants
@idarlund @izanbard @aler9 @ariesbeck