I just upgraded a Fedora 40 system to duplicati 2.1.0.103_canary_2024-12-21, and I’m getting a lot of selinux alerts. A test backup appears to be progressing nonetheless.
Did I miss an upgrade step? What can I do to quiet these alerts? The setroubleshooter steps don’t seem to be helping…
semanage fcontext -a -t bin_t '/usr/lib/duplicati/duplicati'
semanage fcontext -a -t bin_t '/usr/lib/duplicati/duplicati-*'
restorecon -r /usr/lib/duplicati/
So far, it doesn’t appear to have made any difference.
Digging through the thread and linked data I also see where another user updated SElinux policies - I will research those and see if they help in my case.
There is a problem with the “semanage” commands I quoted - the wildcard does not work. Here is a corrected version
semanage fcontext -a -t bin_t '/usr/lib/duplicati/duplicati'
for f in /usr/lib/duplicati/duplicati-*
do
semanage fcontext -a -t bin_t ${f}
done
restorecon -r /usr/lib/duplicati/
Using this corrected version appears to have resolved my SElinux issues, with the caveat that I have also added various SElinux policies as well, so at the moment it isn’t clear if the above commands are sufficient by themselves, or if the policies were also needed. I am going to research how to “undo” the SElinux policies and will report back with what I find.