Setroubleshoot failed to retrieve rpm info for /dev/shm/MtStrmCommandResponseMessageQueue

Solution Verified - Updated -

Issue

  • When logging out of a ssh session, getting the below message:
2015-12-01 15:44:22 -05:00 Tue 2015-12-01 15:44:22 localhost [user.err] setroubleshoot: failed to retrieve rpm info for /dev/shm/MtStrmCommandResponseMessageQueue
2015-12-01 15:44:22 -05:00 Tue 2015-12-01 15:44:22 localhost [user.err] setroubleshoot: Plugin Exception restorecon_source 
2015-12-01 15:44:22 -05:00 Tue 2015-12-01 15:44:22 localhost [user.err] setroubleshoot: SELinux is preventing /usr/lib/systemd/systemd-logind from getattr access on the file /dev/shm/MtStrmCommandResponseMessageQueue. For complete SELinux messages. run sealert -l 509e472c-28b3-40d1-992b-468fbbfd921f
  • Complete sealert message:
[user@localhost ~ 13]% sealert -l 509e472c-28b3-40d1-992b-468fbbfd921f
SELinux is preventing /usr/lib/systemd/systemd-logind from getattr access on the file /dev/shm/MtStrmCommandResponseMessageQueue.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that systemd-logind should be allowed getattr access on the MtStrmCommandResponseMessageQueue file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep systemd-logind /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp


Additional Information:
Source Context                system_u:system_r:systemd_logind_t:s0
Target Context                system_u:object_r:tmpfs_t:s0
Target Objects                /dev/shm/MtStrmCommandResponseMessageQueue [ file
                              ]
Source                        systemd-logind
Source Path                   /usr/lib/systemd/systemd-logind
Port                          <Unknown>
Host                          localhost
Source RPM Packages           systemd-219-19.el7.x86_64
Target RPM Packages           
Policy RPM                    selinux-policy-3.13.1-60.el7.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Host Name                     localhost
Platform                      Linux localhost 3.10.0-327.el7.x86_64 #1 SMP Thu Oct 29
                              17:29:29 EDT 2015 x86_64 x86_64
Alert Count                   12
First Seen                    2015-12-01 01:48:22 EST
Last Seen                     2015-12-01 15:44:21 EST
Local ID                      509e472c-28b3-40d1-992b-468fbbfd921f

Raw Audit Messages
type=AVC msg=audit(1449002661.506:2929): avc:  denied  { getattr } for  pid=1170 comm="systemd-logind" path="/dev/shm/MtStrmCommandResponseMessageQueue" dev="tmpfs" ino=24854 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file


type=SYSCALL msg=audit(1449002661.506:2929): arch=x86_64 syscall=newfstatat success=yes exit=0 a0=10 a1=7f65552afec3 a2=7ffcffebea10 a3=100 items=0 ppid=1 pid=1170 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=systemd-logind exe=/usr/lib/systemd/systemd-logind subj=system_u:system_r:systemd_logind_t:s0 key=(null)

Hash: systemd-logind,systemd_logind_t,tmpfs_t,file,getattr

Environment

  • Red Hat Enterprise Linux 7.2
  • systemd-219-19.el7.x86_64
  • selinux-policy-3.13.1-60.el7.noarch

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content