stable

fail2ban-0.11.2-6.fc34

FEDORA-2021-0f39cb8d2e created by hobbes1069 2 years ago for Fedora 34

Update selinux policy for f34 and up.

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2021-0f39cb8d2e

This update has been submitted for testing by hobbes1069.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

This update's test gating status has been changed to 'waiting'.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon pghmcfc commented & provided feedback a year ago

Fixes most of the SELinux issues but as I use some non-default jails, I also get these:

type=AVC msg=audit(1623327223.709:6536): avc:  denied  { watch } for  pid=118968 comm="fail2ban-server" path="/var/log/secure" dev="dm-0" ino=662190 scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=0
type=AVC msg=audit(1623327223.713:6537): avc:  denied  { watch } for  pid=118968 comm="fail2ban-server" path="/var/log/httpd" dev="dm-0" ino=658553 scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:object_r:httpd_log_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1623327223.713:6538): avc:  denied  { watch } for  pid=118968 comm="fail2ban-server" path="/var/log/httpd/access_log" dev="dm-0" ino=662142 scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:object_r:httpd_log_t:s0 tclass=file permissive=0
User Icon goeran commented & provided feedback a year ago
karma

Seems to fix #1943696. I see another strange AVC which I need to investigate further.

time->Sat Jun 12 10:18:17 2021
type=AVC msg=audit(1623485897.973:885795): avc:  denied  { execmem } for  pid=850228 comm="grep" scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:system_r:fail2ban_t:s0 tclass=process permissive=0

That seems unrelated though, so I'm still giving positive karma.

BZ#1943696 SELinux is preventing f2b/f.dropbear from 'watch' accesses on the dossier /var/log/journal/ec1f2eff01f44aa2bebe5f6230eac47b.

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
unspecified
Karma
1
Signed
Content Type
RPM
Test Gating
Builds
1
fail2ban-0.11.2-6.fc34
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 years ago
in testing
2 years ago
in stable
a year ago
BZ#1943696 SELinux is preventing f2b/f.dropbear from 'watch' accesses on the dossier /var/log/journal/ec1f2eff01f44aa2bebe5f6230eac47b.
0
1
fail2ban-0.11.2-6.fc34

Automated Test Results

Copyright © 2007-2023 Red Hat, Inc. and others.

Running bodhi-server 7.2.0^202305170827gitb1d8280 on bodhi-web-95-t58rz.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy