on a clean install of RHEL-8.9 from iso, with selinux in its default state of enforcing, **geoclue** shows up via
sealert -a /var/log/audit/audit.log
SELinux is preventing /usr/libexec/geoclue from search access on the directory /proc//cgroup.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that geoclue should be allowed search access on the cgroup directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'geoclue' --raw | audit2allow -M my-geoclue
# semodule -X 300 -i my-geoclue.pp
trying to stop this selinux alert with those two commands does not work.
- can geoclue be uninstalled?
- the geoclue.service shows up as static; can this be disabled to stop the selinux alert from happening?
- what is geoclue and why is it there?
Asked by ron
(8647 rep)
May 7, 2024, 08:19 PM
Last activity: May 8, 2024, 08:14 PM
Last activity: May 8, 2024, 08:14 PM