I'm trying to enable selinux in permissive mode in systemd's mkosi development environment (kernel cmdline: selinux=1 enforcing=0). This leads to an unbootable system on Fedora 38 where I see many log messages such as the following:
[ 14.082895] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.Hello to org.freedesktop.DBus.
[ 14.089441] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.AddMatch to org.freedesktop.DBus.
[ 14.091191] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.GetNameOwner to org.freedesktop.DBus.
[ 14.093315] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.AddMatch to org.freedesktop.DBus.
[ 14.096283] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.GetNameOwner to org.freedesktop.DBus.
[ 14.104926] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.AddMatch to org.freedesktop.DBus.
[ 14.108630] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.GetNameOwner to org.freedesktop.DBus.
[ 14.111382] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.AddMatch to org.freedesktop.DBus.
[ 14.114287] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.GetNameOwner to org.freedesktop.DBus.
[ 14.119286] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.AddMatch to org.freedesktop.DBus.
[ 14.121532] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.GetNameOwner to org.freedesktop.DBus.
[ 14.123828] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.AddMatch to org.freedesktop.DBus.
[ 14.125690] dbus-broker[537]: A security policy denied :1.11 to send method call /org/freedesktop/DBus:org.freedesktop.DBus.GetNameOwner to org.freedesktop.DBus.
Should dbus-broker check whether selinux is in permissive mode before denying access to send method calls?
I'm trying to enable selinux in permissive mode in systemd's mkosi development environment (kernel cmdline: selinux=1 enforcing=0). This leads to an unbootable system on Fedora 38 where I see many log messages such as the following:
Should dbus-broker check whether selinux is in permissive mode before denying access to send method calls?