Score:0

Why there are SELinux errors in permissive mode?

cn flag

I have set CentOS 8 Stream with SELinux set to permissive but I still have bunch of red lines in the log e.g.:

SELinux is preventing /usr/lib/systemd/systemd from name_connect access on the tcp_socket port 80

Are these real or its just printing - what would be happening if it was in restrictive mode?

Valentin Bajrami avatar
br flag
Disabling or setting `SELinux` to `permissive` mode is not recommended. It is there for a reason. A better approach would be to look into the problem and solve it with `SELinux` enabled.
Score:3
br flag

Per the documentation:

When SELinux is running in permissive mode, SELinux policy is not enforced. The system remains operational and SELinux does not deny any operations but only logs AVC messages, which can be then used for troubleshooting, debugging, and SELinux policy improvements.

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/using_selinux/changing-selinux-states-and-modes_using-selinux

Also see /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=permissive
Boppity Bop avatar
cn flag
yes this is why I asked because these bits of log are printed as if they were errors not warnings and I dont really know were these actions stopped or let through with the print in the log.. they could have made it more clear in the log text
utdrmac avatar
in flag
Even in Permissive mode, SELinux is blocking/denying file access. I am directly experiencing this in CentOS8 and RL8 as are others: https://github.com/jellyfin/jellyfin/issues/8114
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.