I’m on Fedora 35.
The first time (after boot) I do anything snap related (launch one/run any snap command), I get 3 SELinux alerts: getattr and open on /home/.snapshots; read on /.snapshots, the default paths for snapper.
Please correct me if I’m wrong, but I don’t see a reason for snapd to touch filesystem snapshots.
(Snaps still work fine)
Can you paste the actual AVC entries?
I didn’t get it again so far, I’ll keep an eye on it O_o
I recall a bug someone filed a couple of days ago: https://bugzilla.redhat.com/show_bug.cgi?id=2027627. The /.snapshots and $HOME/.snapshots belong to snapper, not snapd. Vaguely similar names, but completely unrelated.
I am very well aware that snapper and snapd are unrelated, the alert (I accidentally deleted .__.) said snapd.
I’m just wondering why I didn’t see another SELinux alert so far O_o
You can probably go through the audit log: ausearch -m AVC,USER_AVC and look for /.snapshots.
sudo ausearch -m AVC,USER_AVC|grep snapshot
literally nothing.
Thanks so far, I’ll just keep going and keep an eye on angry SELinux alerts.
“Can’t reproduce” without changing things (as far as I know) is not ideal, but I’ll take it
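The audit-log search suggested in the thread can be turned into a per-process summary. The following is an added example, not part of the original posts: the function name `avc_summary` and the sample records are constructed for illustration (PIDs, inode numbers, timestamps and SELinux type names are assumptions, not the poster's real alerts).

```shell
#!/bin/sh
# Summarise SELinux AVC denials whose target contains a path fragment.
# Reads raw audit records on stdin, e.g.:
#   sudo ausearch -m AVC,USER_AVC -ts boot | avc_summary .snapshots
# Prints: count <TAB> comm <TAB> permissions <TAB> target <TAB> tcontext
# Limitation: values containing spaces (unusual comm or path) are not handled.
avc_summary() {
    awk -v frag="$1" '
    function field(key,    i, v) {
        # Value of key=value on the current record, double quotes stripped.
        for (i = 1; i <= NF; i++)
            if (index($i, key "=") == 1) {
                v = substr($i, length(key) + 2)
                gsub(/"/, "", v)
                return v
            }
        return ""
    }
    /avc:/ && /denied/ {
        # Some denials carry path=, others only name= (last path component).
        target = field("path"); if (target == "") target = field("name")
        if (index(target, frag) == 0) next
        perms = $0
        sub(/^.*[{] */, "", perms); sub(/ *[}].*$/, "", perms)
        count[field("comm") "\t" perms "\t" target "\t" field("tcontext")]++
    }
    END { for (k in count) printf "%d\t%s\n", count[k], k }
    ' | sort
}

# Constructed sample records modelled on the three alerts described above,
# plus one unrelated denial that the filter must drop.
sample_avc() {
    cat <<'EOF'
----
type=AVC msg=audit(1638791000.101:411): avc:  denied  { getattr } for  pid=1200 comm="snapd" path="/home/.snapshots" dev="dm-0" ino=256 scontext=system_u:system_r:snappy_t:s0 tcontext=system_u:object_r:snapperd_data_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1638791000.102:412): avc:  denied  { open } for  pid=1200 comm="snapd" path="/home/.snapshots" dev="dm-0" ino=256 scontext=system_u:system_r:snappy_t:s0 tcontext=system_u:object_r:snapperd_data_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1638791000.103:413): avc:  denied  { read } for  pid=1200 comm="snapd" name=".snapshots" dev="dm-0" ino=257 scontext=system_u:system_r:snappy_t:s0 tcontext=system_u:object_r:snapperd_data_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1638791005.001:420): avc:  denied  { write } for  pid=900 comm="cupsd" path="/var/log/example.log" dev="dm-0" ino=999 scontext=system_u:system_r:cupsd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=0
EOF
}
```

The `comm` and `scontext` columns show which process triggered the denial, and `tcontext` shows whose label the target carries, which is what separates "snapd walked into snapper's directory" from a mislabelled path.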