@TrevorH
The error is : "SELinux is preventing systemd from using the transition access on a process."
Here's the complete sealert message .
Thanks for looking into it.
SELinux is preventing /usr/lib/systemd/systemd from using the transition access on a process.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that systemd should be allowed transition access on processes labeled unconfined_t by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c '(ncserver)' --raw | audit2allow -M my-ncserver
# semodule -i my-ncserver.pp
Additional Information:
Source Context system_u:system_r:init_t:s0
Target Context unconfined_u:unconfined_r:unconfined_t:s0
Target Objects /usr/bin/vncserver [ process ]
Source (ncserver)
Source Path /usr/lib/systemd/systemd
Port <Unknown>
Host xxxxxxx.yyyyyyy.zzzzzzz.com
Source RPM Packages
Target RPM Packages tigervnc-server-1.8.0-2.el7_4.x86_64
Policy RPM selinux-policy-3.13.1-166.el7_4.7.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name xxxxxxx.yyyyyyy.zzzzzzz.com
Platform Linux xxxxxxx.yyyyyyy.zzzzzzz.com
3.10.0-693.17.1.el7.x86_64 #1 SMP Thu Jan 25
20:13:58 UTC 2018 x86_64 x86_64
Alert Count 3
First Seen 2018-02-16 06:12:38 EST
Last Seen 2018-02-16 06:12:39 EST
Local ID 25fda139-1aed-46df-92eb-d2d0b39d5542
Raw Audit Messages
type=AVC msg=audit(1518779559.172:1647): avc: denied { transition } for pid=15719 comm="(ncserver)" path="/usr/bin/vncserver" dev="dm-0" ino=170302 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process
Hash: (ncserver),init_t,unconfined_t,process,transition
tigervnc - behavior weird
Re: tigervnc - behavior weird
Post the output from ls -laZ /usr/bin/vncserver
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: tigervnc - behavior weird
Trevor,
The directory list is:
[root@xxxxxxxxx it]# ls -laZ /usr/bin/vncserver
-rwxr-xr-x. root root system_u:object_r:bin_t:s0 /usr/bin/vncserver
[root@xxxxxxxxx it]#
Regards
The directory list is:
[root@xxxxxxxxx it]# ls -laZ /usr/bin/vncserver
-rwxr-xr-x. root root system_u:object_r:bin_t:s0 /usr/bin/vncserver
[root@xxxxxxxxx it]#
Regards