Fedora 31 Server, podman and SELinux
-
Without knowing what was specifically allowed through with selinux disabled I can't say for certain. Here is documentation on Setenforce.
-
Show us the audit logs.
# this command will so anything that was denied. sudo tail -f /var/log/audit/audit.log | grep "denied"
-
Don't disable SELinux, temporary set it to permissive.
# temporary set SELinux to permissive sudo setenforce permissive # confirm SELinux is set to permissive getenforce # set it SELinux back to enforcing after you fix the permissive sudo setenforce enforcing
-
You can just use podman to install easyepg. I found five to choose from.
-
@black3dynamite said in Fedora 31 Server, podman and SELinux:
Show us the audit logs.
# this command will so anything that was denied. sudo tail -f /var/log/audit/audit.log | grep "denied"
This one gives no output at all. I'll try tomorrow again.
-
@black3dynamite said in Fedora 31 Server, podman and SELinux:
You can just use podman to install easyepg. I found five to choose from.
Yes I know. Have not tried those and I just know about "takealug". I can try. Just to figure out if get the same SELinux errors.
-
@Woti he got the command wrong.
tail -f
will only get the last few lines of the logThis will look at the entire log.
sudo grep denied /var/log/audit/audit.log
-
Are you running podman as root? A normal user can't modify /usr/local/bin normally even without SELinux.
-
That unit script shows that it uses this as the default path:
DEFAULT_VOLUME=$(cd ~ && pwd -P)"/easyepg"
How did that end up in /usr/local/bin?
-
@stacksofplates during installation of the script you can choose where to install easyepg. I tried both in /home/myuser/easyepg as podman with my user and in /usr/local/bin/easyepg as podman with root.
-
Output 1 of 2 audit.log
type=AVC msg=audit(1583268530.225:308): avc: denied { write } for pid=2673 comm="git" name="easyepg" dev="dm-0" ino=9478336 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583268657.393:313): avc: denied { write } for pid=3024 comm="git" name="easyepg" dev="dm-0" ino=9478336 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583268949.079:371): avc: denied { add_name } for pid=3682 comm="git" name="easyepg" scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583269134.240:386): avc: denied { create } for pid=3920 comm="git" name="easyepg" scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583269242.611:406): avc: denied { create } for pid=4143 comm="git" name="exclude" scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269242.611:407): avc: denied { write open } for pid=4143 comm="git" path="/easyepg/easyepg/.git/info/exclude" dev="dm-0" ino=8739228 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269242.620:408): avc: denied { read } for pid=4143 comm="git" path="/easyepg/easyepg/.git/HEAD.lock" dev="dm-0" ino=575190 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269242.620:409): avc: denied { remove_name } for pid=4143 comm="git" name="HEAD.lock" dev="dm-0" ino=575190 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583269242.620:410): avc: denied { rename } for pid=4143 comm="git" name="HEAD.lock" dev="dm-0" ino=575190 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269242.621:411): avc: denied { setattr } for pid=4143 comm="git" name="config" dev="dm-0" ino=575191 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269242.621:412): avc: denied { map } for pid=4143 comm="git" path="/easyepg/easyepg/.git/config" dev="dm-0" ino=575191 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269242.621:413): avc: denied { unlink } for pid=4143 comm="git" name="config" dev="dm-0" ino=575191 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269242.622:414): avc: denied { create } for pid=4143 comm="git" name="tLxMhAM" scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583269242.622:415): avc: denied { unlink } for pid=4143 comm="git" name="tLxMhAM" dev="dm-0" ino=575191 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583269244.875:416): avc: denied { link } for pid=4152 comm="git" name="tmp_pack_katKey" dev="dm-0" ino=575193 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269244.892:417): avc: denied { append } for pid=4143 comm="git" path="/easyepg/easyepg/.git/logs/refs/remotes/origin/HEAD" dev="dm-0" ino=4240653 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269244.997:418): avc: denied { ioctl } for pid=4160 comm="bash" path="/easyepg/easyepg/update.sh" dev="dm-0" ino=13460878 ioctlcmd=0x5401 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269247.412:419): avc: denied { rmdir } for pid=4699 comm="rm" name="branches" dev="dm-0" ino=4240646 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583269247.420:420): avc: denied { remove_name } for pid=4699 comm="rm" name="easyepg" dev="dm-0" ino=14560060 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583269248.288:421): avc: denied { setattr } for pid=4725 comm="chown" name="my-git.te" dev="dm-0" ino=9478378 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269248.288:422): avc: denied { setattr } for pid=4725 comm="chown" name="hzn" dev="dm-0" ino=13298283 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583269248.289:423): avc: denied { setattr } for pid=4725 comm="chown" name="easyepg" dev="dm-0" ino=9478336 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583269864.864:431): avc: denied { create } for pid=5249 comm="git" name="exclude" scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269864.864:432): avc: denied { write open } for pid=5249 comm="git" path="/easyepg/easyepg/.git/info/exclude" dev="dm-0" ino=13298582 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269864.869:433): avc: denied { read } for pid=5249 comm="git" path="/easyepg/easyepg/.git/HEAD.lock" dev="dm-0" ino=4226140 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269864.871:434): avc: denied { remove_name } for pid=5249 comm="git" name="HEAD.lock" dev="dm-0" ino=4226140 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583269864.871:435): avc: denied { rename } for pid=5249 comm="git" name="HEAD.lock" dev="dm-0" ino=4226140 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269864.871:436): avc: denied { setattr } for pid=5249 comm="git" name="config" dev="dm-0" ino=4230336 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269864.871:437): avc: denied { map } for pid=5249 comm="git" path="/easyepg/easyepg/.git/config" dev="dm-0" ino=4230336 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269864.871:438): avc: denied { unlink } for pid=5249 comm="git" name="config" dev="dm-0" ino=4230336 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269864.871:439): avc: denied { create } for pid=5249 comm="git" name="tEzi3Yf" scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583269864.871:440): avc: denied { unlink } for pid=5249 comm="git" name="tEzi3Yf" dev="dm-0" ino=4230336 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583269866.711:441): avc: denied { link } for pid=5254 comm="git" name="tmp_pack_aKmh5l" dev="dm-0" ino=4230338 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269866.720:442): avc: denied { append } for pid=5249 comm="git" path="/easyepg/easyepg/.git/logs/refs/remotes/origin/HEAD" dev="dm-0" ino=575213 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269866.766:443): avc: denied { ioctl } for pid=5259 comm="bash" path="/easyepg/easyepg/update.sh" dev="dm-0" ino=512980 ioctlcmd=0x5401 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269866.795:444): avc: denied { read } for pid=5264 comm="cp" name="prog_combine.pl" dev="dm-0" ino=512968 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269866.795:445): avc: denied { open } for pid=5264 comm="cp" path="/easyepg/easyepg/prog_combine.pl" dev="dm-0" ino=512968 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269866.795:446): avc: denied { write } for pid=5264 comm="cp" name="prog_combine.pl" dev="dm-0" ino=9658138 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269868.852:447): avc: denied { remove_name } for pid=5792 comm="rm" name="branches" dev="dm-0" ino=8739260 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583269868.852:448): avc: denied { rmdir } for pid=5792 comm="rm" name="branches" dev="dm-0" ino=8739260 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583269868.852:449): avc: denied { unlink } for pid=5792 comm="rm" name="exclude" dev="dm-0" ino=13298582 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269868.860:450): avc: denied { remove_name } for pid=5792 comm="rm" name="easyepg" dev="dm-0" ino=575196 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583269869.734:451): avc: denied { setattr } for pid=5827 comm="chown" name="my-git.te" dev="dm-0" ino=9478378 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269869.735:452): avc: denied { setattr } for pid=5827 comm="chown" name="epg.sh" dev="dm-0" ino=9658134 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269869.735:453): avc: denied { setattr } for pid=5827 comm="chown" name="hzn" dev="dm-0" ino=13298283 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583269869.737:454): avc: denied { setattr } for pid=5827 comm="chown" name="easyepg" dev="dm-0" ino=9478336 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583269938.914:455): avc: denied { execute } for pid=5931 comm="bash" name="epg.sh" dev="dm-0" ino=9658134 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269938.914:456): avc: denied { execute_no_trans } for pid=5931 comm="bash" path="/easyepg/epg.sh" dev="dm-0" ino=9658134 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269938.919:457): avc: denied { ioctl } for pid=5931 comm="epg.sh" path="/easyepg/epg.sh" dev="dm-0" ino=9658134 ioctlcmd=0x5401 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269950.143:458): avc: denied { create } for pid=6039 comm="git" name="exclude" scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269950.148:459): avc: denied { rename } for pid=6039 comm="git" name="HEAD.lock" dev="dm-0" ino=575200 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269950.149:460): avc: denied { map } for pid=6039 comm="git" path="/easyepg/easyepg/.git/config" dev="dm-0" ino=575201 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269950.149:461): avc: denied { create } for pid=6039 comm="git" name="ti678m1" scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583269950.150:462): avc: denied { unlink } for pid=6039 comm="git" name="ti678m1" dev="dm-0" ino=575201 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583269951.786:463): avc: denied { link } for pid=6046 comm="git" name="tmp_pack_1QFH8x" dev="dm-0" ino=575203 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583269951.793:464): avc: denied { append } for pid=6039 comm="git" path="/easyepg/easyepg/.git/logs/refs/remotes/origin/HEAD" dev="dm-0" ino=13298606 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583270122.384:529): avc: denied { unlink } for pid=7005 comm="systemd-user-ru" name="hosts" dev="tmpfs" ino=68629 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:container_file_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583270122.384:530): avc: denied { read } for pid=7005 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=42446 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:container_file_t:s0:c812,c831 tclass=dir permissive=1 type=AVC msg=audit(1583270122.385:531): avc: denied { rmdir } for pid=7005 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=42446 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:container_file_t:s0:c812,c831 tclass=dir permissive=1 type=AVC msg=audit(1583270122.385:532): avc: denied { unlink } for pid=7005 comm="systemd-user-ru" name=".containerenv" dev="tmpfs" ino=42444 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:container_file_t:s0:c812,c831 tclass=file permissive=1 type=AVC msg=audit(1583350958.833:261): avc: denied { create } for pid=1438 comm="git" name="exclude" scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583350958.833:262): avc: denied { remove_name } for pid=1438 comm="git" name=".git" dev="dm-0" ino=8412886 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583350958.833:263): avc: denied { remove_name } for pid=1438 comm="git" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583350958.890:264): avc: denied { remove_name } for pid=1440 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583351702.774:309): avc: denied { remove_name } for pid=1834 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583351702.793:310): avc: denied { remove_name } for pid=1837 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583352068.116:314): avc: denied { remove_name } for pid=1986 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583352068.136:315): avc: denied { remove_name } for pid=1989 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583352178.007:316): avc: denied { remove_name } for pid=2082 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583352178.023:317): avc: denied { remove_name } for pid=2085 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583352263.055:328): avc: denied { remove_name } for pid=2191 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583352263.072:329): avc: denied { remove_name } for pid=2194 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583352791.875:366): avc: denied { remove_name } for pid=2429 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583352791.894:367): avc: denied { remove_name } for pid=2432 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583353388.093:404): avc: denied { remove_name } for pid=3027 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583353388.114:405): avc: denied { remove_name } for pid=3030 comm="rm" name="easyepg" dev="dm-0" ino=4203731 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583354127.774:460): avc: denied { write } for pid=3275 comm="rm" name="easyepg" dev="dm-0" ino=9478336 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583354127.792:461): avc: denied { write } for pid=3278 comm="rm" name="easyepg" dev="dm-0" ino=9478336 scontext=system_u:system_r:container_t:s0:c812,c831 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583354477.988:519): avc: denied { unlink } for pid=3570 comm="systemd-user-ru" name="hosts" dev="tmpfs" ino=50070 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:container_file_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583354477.989:520): avc: denied { unlink } for pid=3570 comm="systemd-user-ru" name="resolv.conf" dev="tmpfs" ino=50066 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:container_file_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583354477.989:521): avc: denied { read } for pid=3570 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=37057 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:container_file_t:s0:c812,c831 tclass=dir permissive=0 type=AVC msg=audit(1583354477.989:522): avc: denied { unlink } for pid=3570 comm="systemd-user-ru" name=".containerenv" dev="tmpfs" ino=37055 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:container_file_t:s0:c812,c831 tclass=file permissive=0 type=AVC msg=audit(1583354477.989:523): avc: denied { unlink } for pid=3570 comm="systemd-user-ru" name="hostname" dev="tmpfs" ino=37054 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:container_file_t:s0:c812,c831 tclass=file permissive=0 type=AVC msg=audit(1583437487.930:270): avc: denied { write } for pid=1974 comm="git" name="easyepg" dev="dm-0" ino=13351237 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.150:271): avc: denied { setattr } for pid=1995 comm="chown" name="FUNDING.yml" dev="dm-0" ino=219726 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.150:272): avc: denied { setattr } for pid=1995 comm="chown" name=".github" dev="dm-0" ino=66995 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.151:273): avc: denied { setattr } for pid=1995 comm="chown" name="LICENSE" dev="dm-0" ino=13379704 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.151:274): avc: denied { setattr } for pid=1995 comm="chown" name="README.md" dev="dm-0" ino=13508762 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.151:275): avc: denied { setattr } for pid=1995 comm="chown" name="backup.sh" dev="dm-0" ino=13508763 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.151:276): avc: denied { setattr } for pid=1995 comm="chown" name="branch-debaschdi.sh" dev="dm-0" ino=13726284 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.151:277): avc: denied { setattr } for pid=1995 comm="chown" name="ch_combine.pl" dev="dm-0" ino=13726285 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.151:278): avc: denied { setattr } for pid=1995 comm="chown" name="combine.sh" dev="dm-0" ino=13726286 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.151:279): avc: denied { setattr } for pid=1995 comm="chown" name="epg.sh" dev="dm-0" ino=13726290 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.152:280): avc: denied { setattr } for pid=1995 comm="chown" name="ch_ext.pl" dev="dm-0" ino=4219926 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.152:281): avc: denied { setattr } for pid=1995 comm="chown" name="compare_menu.pl" dev="dm-0" ino=4219930 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.152:282): avc: denied { setattr } for pid=1995 comm="chown" name="epg_ext.pl" dev="dm-0" ino=4219932 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.152:283): avc: denied { setattr } for pid=1995 comm="chown" name="ext.sh" dev="dm-0" ino=4219933 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.152:284): avc: denied { setattr } for pid=1995 comm="chown" name="settings.sh" dev="dm-0" ino=4219935 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.152:285): avc: denied { setattr } for pid=1995 comm="chown" name="ext" dev="dm-0" ino=4219912 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.152:286): avc: denied { setattr } for pid=1995 comm="chown" name="ch_json2xml.pl" dev="dm-0" ino=8635392 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.153:287): avc: denied { setattr } for pid=1995 comm="chown" name="chlist_printer.pl" dev="dm-0" ino=8635393 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.153:288): avc: denied { setattr } for pid=1995 comm="chown" name="cid_json.pl" dev="dm-0" ino=8635395 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.153:289): avc: denied { setattr } for pid=1995 comm="chown" name="compare_menu.pl" dev="dm-0" ino=8635423 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.154:290): avc: denied { setattr } for pid=1995 comm="chown" name="epg_json2xml.pl" dev="dm-0" ino=8635428 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.154:291): avc: denied { setattr } for pid=1995 comm="chown" name="hzn.sh" dev="dm-0" ino=8667283 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.154:292): avc: denied { setattr } for pid=1995 comm="chown" name="settings.sh" dev="dm-0" ino=8693190 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.154:293): avc: denied { setattr } for pid=1995 comm="chown" name="url_printer.pl" dev="dm-0" ino=8701656 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.155:294): avc: denied { setattr } for pid=1995 comm="chown" name="hzn" dev="dm-0" ino=8625290 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.155:295): avc: denied { setattr } for pid=1995 comm="chown" name="prog_combine.pl" dev="dm-0" ino=13726291 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.155:296): avc: denied { setattr } for pid=1995 comm="chown" name="ch_json2xml.pl" dev="dm-0" ino=13726293 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.155:297): avc: denied { setattr } for pid=1995 comm="chown" name="chlist_printer.pl" dev="dm-0" ino=13726346 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.155:298): avc: denied { setattr } for pid=1995 comm="chown" name="cid_json.pl" dev="dm-0" ino=13726349 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.155:299): avc: denied { setattr } for pid=1995 comm="chown" name="compare_crid.pl" dev="dm-0" ino=13777383 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.155:300): avc: denied { setattr } for pid=1995 comm="chown" name="compare_menu.pl" dev="dm-0" ino=13777384 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.156:301): avc: denied { setattr } for pid=1995 comm="chown" name="epg_json2xml.pl" dev="dm-0" ino=13777385 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.156:302): avc: denied { setattr } for pid=1995 comm="chown" name="rdt.sh" dev="dm-0" ino=13777386 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.156:303): avc: denied { setattr } for pid=1995 comm="chown" name="settings.sh" dev="dm-0" ino=13777387 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.156:304): avc: denied { setattr } for pid=1995 comm="chown" name="url_printer.pl" dev="dm-0" ino=13167104 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.156:305): avc: denied { setattr } for pid=1995 comm="chown" name="rdt" dev="dm-0" ino=13726292 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.156:306): avc: denied { setattr } for pid=1995 comm="chown" name="restore.sh" dev="dm-0" ino=13167105 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.156:307): avc: denied { setattr } for pid=1995 comm="chown" name="ch_json2xml.pl" dev="dm-0" ino=226961 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.156:308): avc: denied { setattr } for pid=1995 comm="chown" name="chlist_printer.pl" dev="dm-0" ino=231429 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.156:309): avc: denied { setattr } for pid=1995 comm="chown" name="cid_json.pl" dev="dm-0" ino=231430 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:310): avc: denied { setattr } for pid=1995 comm="chown" name="compare_menu.pl" dev="dm-0" ino=231434 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:311): avc: denied { setattr } for pid=1995 comm="chown" name="epg_json2xml.pl" dev="dm-0" ino=231435 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:312): avc: denied { setattr } for pid=1995 comm="chown" name="settings.sh" dev="dm-0" ino=231436 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:313): avc: denied { setattr } for pid=1995 comm="chown" name="swc.sh" dev="dm-0" ino=231437 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:314): avc: denied { setattr } for pid=1995 comm="chown" name="url_printer.pl" dev="dm-0" ino=360556 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:315): avc: denied { setattr } for pid=1995 comm="chown" name="swc" dev="dm-0" ino=225110 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0type=AVC msg=audit(1583437489.158:316): avc: denied { setattr } for pid=1995 comm="chown" name="testing.sh" dev="dm-0" ino=13167106 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:317): avc: denied { setattr } for pid=1995 comm="chown" name="ch_json2xml.pl" dev="dm-0" ino=4219938 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:318): avc: denied { setattr } for pid=1995 comm="chown" name="chlist_printer.pl" dev="dm-0" ino=4219939 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:319): avc: denied { setattr } for pid=1995 comm="chown" name="cid_json.pl" dev="dm-0" ino=4219940 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:320): avc: denied { setattr } for pid=1995 comm="chown" name="compare_menu.pl" dev="dm-0" ino=4219941 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:321): avc: denied { setattr } for pid=1995 comm="chown" name="epg_json2xml.pl" dev="dm-0" ino=4219942 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:322): avc: denied { setattr } for pid=1995 comm="chown" name="proxy.sh" dev="dm-0" ino=4219944 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:323): avc: denied { setattr } for pid=1995 comm="chown" name="settings.sh" dev="dm-0" ino=4563988 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0
-
Output 2 of 2 audit.log
type=AVC msg=audit(1583437489.158:324): avc: denied { setattr } for pid=1995 comm="chown" name="tkm.sh" dev="dm-0" ino=4622383 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:325): avc: denied { setattr } for pid=1995 comm="chown" name="url_printer.pl" dev="dm-0" ino=4622384 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:326): avc: denied { setattr } for pid=1995 comm="chown" name="web_magentatv_de.php" dev="dm-0" ino=4622385 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.158:327): avc: denied { setattr } for pid=1995 comm="chown" name="tkm" dev="dm-0" ino=4219936 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.159:328): avc: denied { setattr } for pid=1995 comm="chown" name="ch_json2xml.pl" dev="dm-0" ino=8832681 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.159:329): avc: denied { setattr } for pid=1995 comm="chown" name="chlist_printer.pl" dev="dm-0" ino=8832819 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.159:330): avc: denied { setattr } for pid=1995 comm="chown" name="cid_json.pl" dev="dm-0" ino=8903342 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.159:331): avc: denied { setattr } for pid=1995 comm="chown" name="compare_crid.pl" dev="dm-0" ino=8903498 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:332): avc: denied { setattr } for pid=1995 comm="chown" name="compare_menu.pl" dev="dm-0" ino=8913684 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:333): avc: denied { setattr } for pid=1995 comm="chown" name="epg_json2xml.pl" dev="dm-0" ino=9096147 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:334): avc: denied { setattr } for pid=1995 comm="chown" name="settings.sh" dev="dm-0" ino=9096148 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:335): avc: denied { setattr } for pid=1995 comm="chown" name="tvp.sh" dev="dm-0" ino=9096149 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:336): avc: denied { setattr } for pid=1995 comm="chown" name="tvp" dev="dm-0" ino=8785984 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.171:337): avc: denied { setattr } for pid=1995 comm="chown" name="ch_json2xml.pl" dev="dm-0" ino=13167108 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:338): avc: denied { setattr } for pid=1995 comm="chown" name="chlist_printer.pl" dev="dm-0" ino=13167109 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:339): avc: denied { setattr } for pid=1995 comm="chown" name="cid_json.pl" dev="dm-0" ino=13167110 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:340): avc: denied { setattr } for pid=1995 comm="chown" name="compare_menu.pl" dev="dm-0" ino=13167111 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:341): avc: denied { setattr } for pid=1995 comm="chown" name="epg_json2xml.pl" dev="dm-0" ino=13167112 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:342): avc: denied { setattr } for pid=1995 comm="chown" name="settings.sh" dev="dm-0" ino=13167113 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:343): avc: denied { setattr } for pid=1995 comm="chown" name="tvs.sh" dev="dm-0" ino=13167114 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:344): avc: denied { setattr } for pid=1995 comm="chown" name="url_printer.pl" dev="dm-0" ino=13167115 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.171:345): avc: denied { setattr } for pid=1995 comm="chown" name="tvs" dev="dm-0" ino=13167107 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.171:346): avc: denied { setattr } for pid=1995 comm="chown" name="ch_json2xml.pl" dev="dm-0" ino=499341 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.173:347): avc: denied { setattr } for pid=1995 comm="chown" name="chlist_printer.pl" dev="dm-0" ino=499347 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.173:348): avc: denied { setattr } for pid=1995 comm="chown" name="cid_json.pl" dev="dm-0" ino=499358 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.173:349): avc: denied { setattr } for pid=1995 comm="chown" name="compare_crid.pl" dev="dm-0" ino=1125864 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.173:350): avc: denied { setattr } for pid=1995 comm="chown" name="compare_menu.pl" dev="dm-0" ino=1125865 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.173:351): avc: denied { setattr } for pid=1995 comm="chown" name="epg_json2xml.pl" dev="dm-0" ino=1125866 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.173:352): avc: denied { setattr } for pid=1995 comm="chown" name="settings.sh" dev="dm-0" ino=1125867 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.173:353): avc: denied { setattr } for pid=1995 comm="chown" name="tvtv.sh" dev="dm-0" ino=1125868 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.173:354): avc: denied { setattr } for pid=1995 comm="chown" name="url_printer.pl" dev="dm-0" ino=1125869 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.173:355): avc: denied { setattr } for pid=1995 comm="chown" name="tvtv" dev="dm-0" ino=499338 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.173:356): avc: denied { setattr } for pid=1995 comm="chown" name="update.sh" dev="dm-0" ino=13167116 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.173:357): avc: denied { setattr } for pid=1995 comm="chown" name="ch_json2xml.pl" dev="dm-0" ino=4622387 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.173:358): avc: denied { setattr } for pid=1995 comm="chown" name="chlist_printer.pl" dev="dm-0" ino=4622388 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:359): avc: denied { setattr } for pid=1995 comm="chown" name="cid_json.pl" dev="dm-0" ino=4622389 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:360): avc: denied { setattr } for pid=1995 comm="chown" name="compare_crid.pl" dev="dm-0" ino=4622390 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:361): avc: denied { setattr } for pid=1995 comm="chown" name="compare_menu.pl" dev="dm-0" ino=4622391 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:362): avc: denied { setattr } for pid=1995 comm="chown" name="epg_json2xml.pl" dev="dm-0" ino=4622392 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:363): avc: denied { setattr } for pid=1995 comm="chown" name="settings.sh" dev="dm-0" ino=4622393 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:364): avc: denied { setattr } for pid=1995 comm="chown" name="url_printer.pl" dev="dm-0" ino=4622394 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:365): avc: denied { setattr } for pid=1995 comm="chown" name="vdf.sh" dev="dm-0" ino=4622395 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:366): avc: denied { setattr } for pid=1995 comm="chown" name="vdf" dev="dm-0" ino=4622386 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.174:367): avc: denied { setattr } for pid=1995 comm="chown" name="ch_json2xml.pl" dev="dm-0" ino=9096151 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:368): avc: denied { setattr } for pid=1995 comm="chown" name="chlist_printer.pl" dev="dm-0" ino=9096152 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:369): avc: denied { setattr } for pid=1995 comm="chown" name="cid_json.pl" dev="dm-0" ino=9096153 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:370): avc: denied { setattr } for pid=1995 comm="chown" name="compare_menu.pl" dev="dm-0" ino=9096154 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.174:371): avc: denied { setattr } for pid=1995 comm="chown" name="epg_json2xml.pl" dev="dm-0" ino=9096155 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:372): avc: denied { setattr } for pid=1995 comm="chown" name="settings.sh" dev="dm-0" ino=9096156 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:373): avc: denied { setattr } for pid=1995 comm="chown" name="wpu.sh" dev="dm-0" ino=9096157 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:374): avc: denied { setattr } for pid=1995 comm="chown" name="wpu" dev="dm-0" ino=9096150 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.175:375): avc: denied { setattr } for pid=1995 comm="chown" name="ch_json2xml.pl" dev="dm-0" ino=13167118 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:376): avc: denied { setattr } for pid=1995 comm="chown" name="chlist_printer.pl" dev="dm-0" ino=13167119 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:377): avc: denied { setattr } for pid=1995 comm="chown" name="cid_json.pl" dev="dm-0" ino=13167120 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:378): avc: denied { setattr } for pid=1995 comm="chown" name="compare_crid.pl" dev="dm-0" ino=13167121 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:379): avc: denied { setattr } for pid=1995 comm="chown" name="compare_menu.pl" dev="dm-0" ino=13167122 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:380): avc: denied { setattr } for pid=1995 comm="chown" name="epg_json2xml.pl" dev="dm-0" ino=13167123 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:381): avc: denied { setattr } for pid=1995 comm="chown" name="save_page.js" dev="dm-0" ino=13167124 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:382): avc: denied { setattr } for pid=1995 comm="chown" name="settings.sh" dev="dm-0" ino=13167125 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:383): avc: denied { setattr } for pid=1995 comm="chown" name="ztt.sh" dev="dm-0" ino=13167126 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583437489.175:384): avc: denied { setattr } for pid=1995 comm="chown" name="ztt" dev="dm-0" ino=13167117 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.176:385): avc: denied { setattr } for pid=1995 comm="chown" name="xml" dev="dm-0" ino=9241691 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.176:386): avc: denied { setattr } for pid=1995 comm="chown" name="combine" dev="dm-0" ino=13726283 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437489.176:387): avc: denied { setattr } for pid=1995 comm="chown" name="easyepg" dev="dm-0" ino=13351237 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583437629.934:392): avc: denied { write } for pid=2651 comm="git" name="easyepg" dev="dm-0" ino=13351237 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583437629.934:393): avc: denied { add_name } for pid=2651 comm="git" name="easyepg" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583437629.935:394): avc: denied { create } for pid=2651 comm="git" name="easyepg" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583437629.937:395): avc: denied { write } for pid=2651 comm="git" name="easyepg" dev="dm-0" ino=12658816 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583437629.937:396): avc: denied { add_name } for pid=2651 comm="git" name=".git" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583437629.952:397): avc: denied { create } for pid=2651 comm="git" name="exclude" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583437629.954:398): avc: denied { write } for pid=2651 comm="git" path="/easyepg/easyepg/.git/info/exclude" dev="dm-0" ino=9108398 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583437629.962:399): avc: denied { remove_name } for pid=2651 comm="git" name="HEAD.lock" dev="dm-0" ino=1693069 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583437629.962:400): avc: denied { rename } for pid=2651 comm="git" name="HEAD.lock" dev="dm-0" ino=1693069 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583437629.963:401): avc: denied { setattr } for pid=2651 comm="git" name="config" dev="dm-0" ino=1693070 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583437629.964:402): avc: denied { unlink } for pid=2651 comm="git" name="config" dev="dm-0" ino=1693070 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583437629.965:403): avc: denied { create } for pid=2651 comm="git" name="tfdZp8t" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583437629.965:404): avc: denied { unlink } for pid=2651 comm="git" name="tfdZp8t" dev="dm-0" ino=1693070 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583437632.018:405): avc: denied { link } for pid=2660 comm="git" name="tmp_pack_1aum5K" dev="dm-0" ino=4878847 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583437632.032:406): avc: denied { append } for pid=2651 comm="git" path="/easyepg/easyepg/.git/logs/refs/remotes/origin/HEAD" dev="dm-0" ino=5189445 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583437632.220:407): avc: denied { write } for pid=2667 comm="cp" name="epg.sh" dev="dm-0" ino=13726290 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583437634.202:408): avc: denied { rmdir } for pid=3204 comm="rm" name="branches" dev="dm-0" ino=4878843 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583437634.212:409): avc: denied { remove_name } for pid=3204 comm="rm" name="easyepg" dev="dm-0" ino=12658816 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583437635.115:410): avc: denied { setattr } for pid=3232 comm="chown" name="FUNDING.yml" dev="dm-0" ino=219726 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583437635.116:411): avc: denied { setattr } for pid=3232 comm="chown" name=".github" dev="dm-0" ino=66995 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438005.400:426): avc: denied { write } for pid=3454 comm="git" name="easyepg" dev="dm-0" ino=13351237 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438005.400:427): avc: denied { add_name } for pid=3454 comm="git" name="easyepg" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438005.400:428): avc: denied { create } for pid=3454 comm="git" name="easyepg" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438005.402:429): avc: denied { write } for pid=3454 comm="git" name="easyepg" dev="dm-0" ino=8667266 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438005.402:430): avc: denied { add_name } for pid=3454 comm="git" name=".git" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438005.405:431): avc: denied { create } for pid=3454 comm="git" name="exclude" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438005.405:432): avc: denied { write } for pid=3454 comm="git" path="/easyepg/easyepg/.git/info/exclude" dev="dm-0" ino=4878846 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438005.410:433): avc: denied { remove_name } for pid=3454 comm="git" name="HEAD.lock" dev="dm-0" ino=15145095 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438005.410:434): avc: denied { rename } for pid=3454 comm="git" name="HEAD.lock" dev="dm-0" ino=15145095 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438005.411:435): avc: denied { setattr } for pid=3454 comm="git" name="config" dev="dm-0" ino=15145096 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1type=AVC msg=audit(1583438005.411:436): avc: denied { unlink } for pid=3454 comm="git" name="config" dev="dm-0" ino=15145096 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438005.413:437): avc: denied { create } for pid=3454 comm="git" name="tAU8v6D" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583438005.413:438): avc: denied { unlink } for pid=3454 comm="git" name="tAU8v6D" dev="dm-0" ino=15145096 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583438007.166:439): avc: denied { link } for pid=3463 comm="git" name="tmp_pack_OWZZAV" dev="dm-0" ino=15145098 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438007.185:440): avc: denied { create } for pid=3454 comm="git" name="packed-refs.lock" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438007.186:441): avc: denied { write } for pid=3454 comm="git" path="/easyepg/easyepg/.git/packed-refs.lock" dev="dm-0" ino=15145101 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438007.188:442): avc: denied { rename } for pid=3454 comm="git" name="packed-refs.new" dev="dm-0" ino=15145102 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438007.189:443): avc: denied { unlink } for pid=3454 comm="git" name="packed-refs.lock" dev="dm-0" ino=15145101 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438007.191:444): avc: denied { append } for pid=3454 comm="git" path="/easyepg/easyepg/.git/logs/refs/remotes/origin/HEAD" dev="dm-0" ino=1693072 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438007.194:445): avc: denied { setattr } for pid=3454 comm="git" name="config.lock" dev="dm-0" ino=15145095 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438007.284:446): avc: denied { write } for pid=3470 comm="cp" name="epg.sh" dev="dm-0" ino=13726290 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438009.167:447): avc: denied { rmdir } for pid=4007 comm="rm" name="branches" dev="dm-0" ino=1693060 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438009.175:448): avc: denied { remove_name } for pid=4007 comm="rm" name="easyepg" dev="dm-0" ino=8667266 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438009.931:449): avc: denied { setattr } for pid=4042 comm="chown" name="FUNDING.yml" dev="dm-0" ino=219726 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438009.931:450): avc: denied { setattr } for pid=4042 comm="chown" name=".github" dev="dm-0" ino=66995 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438083.683:452): avc: denied { create } for pid=4211 comm="git" name="easyepg" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438083.684:453): avc: denied { write } for pid=4211 comm="git" name="easyepg" dev="dm-0" ino=1693058 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438083.684:454): avc: denied { add_name } for pid=4211 comm="git" name=".git" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438083.690:455): avc: denied { remove_name } for pid=4211 comm="git" name="HEAD.lock" dev="dm-0" ino=5189568 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438083.692:456): avc: denied { create } for pid=4211 comm="git" name="tONRGVi" scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583438083.692:457): avc: denied { unlink } for pid=4211 comm="git" name="tONRGVi" dev="dm-0" ino=5189569 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583438085.463:458): avc: denied { link } for pid=4217 comm="git" name="tmp_pack_GtRffg" dev="dm-0" ino=5189571 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438085.539:459): avc: denied { write } for pid=4225 comm="cp" name="epg.sh" dev="dm-0" ino=13726290 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438087.491:460): avc: denied { rmdir } for pid=4743 comm="rm" name="branches" dev="dm-0" ino=9108396 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438087.500:461): avc: denied { write } for pid=4743 comm="rm" name="easyepg" dev="dm-0" ino=13351237 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438087.500:462): avc: denied { remove_name } for pid=4743 comm="rm" name="easyepg" dev="dm-0" ino=1693058 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438088.387:463): avc: denied { setattr } for pid=4769 comm="chown" name="FUNDING.yml" dev="dm-0" ino=219726 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438088.388:464): avc: denied { setattr } for pid=4769 comm="chown" name=".github" dev="dm-0" ino=66995 scontext=system_u:system_r:container_t:s0:c35,c445 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438413.905:492): avc: denied { write } for pid=5567 comm="git" name="easyepg" dev="dm-0" ino=13351237 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438413.905:493): avc: denied { add_name } for pid=5567 comm="git" name="easyepg" scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438413.906:494): avc: denied { create } for pid=5567 comm="git" name="easyepg" scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438413.906:495): avc: denied { write } for pid=5567 comm="git" name="easyepg" dev="dm-0" ino=9140785 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438413.906:496): avc: denied { add_name } for pid=5567 comm="git" name=".git" scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438413.916:497): avc: denied { create } for pid=5567 comm="git" name="description" scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438413.917:498): avc: denied { write } for pid=5567 comm="git" path="/easyepg/easyepg/.git/description" dev="dm-0" ino=14897477 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438413.924:499): avc: denied { remove_name } for pid=5567 comm="git" name="HEAD.lock" dev="dm-0" ino=14897479 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438413.924:500): avc: denied { rename } for pid=5567 comm="git" name="HEAD.lock" dev="dm-0" ino=14897479 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438413.924:501): avc: denied { setattr } for pid=5567 comm="git" name="config" dev="dm-0" ino=14897480 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438413.925:502): avc: denied { unlink } for pid=5567 comm="git" name="config" dev="dm-0" ino=14897480 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1type=AVC msg=audit(1583438413.926:503): avc: denied { create } for pid=5567 comm="git" name="tgjDNkv" scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583438413.926:504): avc: denied { unlink } for pid=5567 comm="git" name="tgjDNkv" dev="dm-0" ino=14897480 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=lnk_file permissive=1 type=AVC msg=audit(1583438415.493:505): avc: denied { link } for pid=5572 comm="git" name="tmp_pack_uWSQHj" dev="dm-0" ino=14897482 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438415.499:506): avc: denied { append } for pid=5567 comm="git" path="/easyepg/easyepg/.git/logs/refs/remotes/origin/HEAD" dev="dm-0" ino=9140793 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438415.524:507): avc: denied { create } for pid=5567 comm="git" name="ch_json2xml.pl" scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438415.525:508): avc: denied { write } for pid=5567 comm="git" path="/easyepg/easyepg/rdt/ch_json2xml.pl" dev="dm-0" ino=14897492 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438415.542:509): avc: denied { rename } for pid=5567 comm="git" name="index.lock" dev="dm-0" ino=14897479 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438415.715:510): avc: denied { write } for pid=5582 comm="cp" name="epg.sh" dev="dm-0" ino=13726290 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438417.261:511): avc: denied { rmdir } for pid=6119 comm="rm" name="branches" dev="dm-0" ino=1680193 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438417.261:512): avc: denied { unlink } for pid=6119 comm="rm" name="description" dev="dm-0" ino=14897477 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438417.277:513): avc: denied { remove_name } for pid=6119 comm="rm" name="easyepg" dev="dm-0" ino=9140785 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1 type=AVC msg=audit(1583438418.143:514): avc: denied { setattr } for pid=6154 comm="chown" name="FUNDING.yml" dev="dm-0" ino=219726 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=unconfined_u:object_r:bin_t:s0 tclass=file permissive=1 type=AVC msg=audit(1583438418.143:515): avc: denied { setattr } for pid=6154 comm="chown" name=".github" dev="dm-0" ino=66995 scontext=system_u:system_r:container_t:s0:c415,c791 tcontext=unconfined_u:object_r:bin_t:s0 tclass=dir permissive=1
-
By the way: The image from "qoopido" is the one I'm trying to use. It's the same as in the linked tutorial.
podman search easyepg INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED docker.io docker.io/mod242/easyepg Docker Image for easyepg 0 docker.io docker.io/qoopido/easyepg.minimal Minimal docker container to run easyepg 1 docker.io docker.io/takealug/easyepg A docker container for running easyepg with ... 1 docker.io docker.io/xuvin/easyepg easyEPG with Helper Script - Debian Base Ima... 0 docker.io docker.io/strowi/easyepg easyepg in a container 0
-
You can just tell podman to relabel the directory with :Z. For example:
podman run --rm -ti $PWD/mydirectory:/var/lib/something:Z fedora:31 bash
Now the $PWD/mydirectory has the
container_file_t
label. -
This is the initial setup:
docker start easyepg.admin docker exec -ti -u easyepg -w /easyepg easyepg.admin /bin/bash ./epg.sh
How to use the :Z option here? I read about it a lot but didn't get it to work.
After starting "docker/podman start easyepg.admin" I get those SELinux errors.The one and only reason why I want to try easyepg with docker / podman is because I overwrote my entire filesystem (there's a thread about this) after following this tutorial https://github.com/sunsettrack4/easyepg
# Setup to run the script daily at 3 AM 0 3 * * * cd ~/easyepg && bash epg.sh
This crontab entry is not working for me.
When I move manually to the easyepg directory and issue ./epg.sh the script is working fine. -
You would have to use it with the qoopido image.
Just start that image like a normal container and don't use that install script.
If you use that install script you have to manually set the SELinux context for the data directory.
-
@stacksofplates Okay. I'll try that way. I didn't tried that way yet.
-
I tried and I failed
When I try the qoopido image I cannot create necessary containers as described in the tutorial
When I try with the install script I get created necessary containers:[twolf@localhost ~]$ podman images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/qoopido/easyepg.minimal latest 2f0ab58083e6 5 days ago 519 MB [twolf@localhost ~]$ podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 0e858d93e465 docker.io/qoopido/easyepg.minimal:latest 2 minutes ago Created easyepg.run 54b5774f1d6a docker.io/qoopido/easyepg.minimal:latest 2 minutes ago Created easyepg.admin
Starting container as described...
[twolf@localhost ~]$ podman start easyepg.admin easyepg.admin [twolf@localhost ~]$
... gives me:
type=AVC msg=audit(1583530938.391:329): avc: denied { create } for pid=32955 comm="git" name="exclude" scontext=system_u:system_r:container_t:s0:c104,c340 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0 type=AVC msg=audit(1583530938.391:330): avc: denied { remove_name } for pid=32955 comm="git" name=".git" dev="dm-0" ino=372780 scontext=system_u:system_r:container_t:s0:c104,c340 tcontext=system_u:object_r:user_home_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1583530938.398:332): avc: denied { remove_name } for pid=32957 comm="rm" name="easyepg" dev="dm-0" ino=13846779 scontext=system_u:system_r:container_t:s0:c104,c340 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir permissive=0
-
If you want to run it the other way, just set the context for the directories you want to mount. They should be
container_t
. -
And how do I do it? That's the part with SELinux I have no idea...