SELinux message

Hi Rocky users,

I was running a CentOS 7 server in the DigitalOcean Cloud. I had been planning to set up a new CentOS 8 server and migrate (the server was running Nextcloud and Wordpress). I decided against CentOS stream as I prefer to have the long term support. Anyway Rocky, appears to be working out fine and the migration went well. I’m also using the REMI repo for PHP 8. I decided to check the logs just to check for anything that looked like a configuration issue. The only thing I noticed is the following SElinux message:

SELinux is preventing /usr/bin/df from getattr access on the directory /sys/kernel/config.

The message periodically repeats.

Cockpit gives the suggestion to allow it via:

ausearch -c ‘df’ --raw | audit2allow -M my-df
semodule -X 300 -i my-df.pp

I don’t know if I should do that not. So I’m seeking advice.

Regards Bill

I’m not seeing this on base install of Rocky 8.5. It sounds like you installed something that is checking disk space on a schedule. You could check cron jobs and systemd timers.

Ah. I wonder if Nextcloud does that. It has an associated cron job that runs periodically. Checking disk space could well be one of the tasks it does. Cheers for the idea.