tuxedocomputers / tuxedo-control-center

A tool to help you control performance, energy, fan and comfort settings on TUXEDO laptops.
GNU General Public License v3.0

Missing policy for SELinux #367

Open KrzysiekWyka opened 3 months ago

KrzysiekWyka commented 3 months ago

I installed TCC via the official rpm repository on my local machine with Fedora 39 (to be more specific, Silverblue, an immutable one). Unfortunately, I saw a lot of strange V8 errors in the journal related to tccd.service.

```
Mar 09 00:04:06 fedora systemd[1]: Started tccd.service - TUXEDO Control Center Service.
Mar 09 00:04:06 fedora tccd[21680]: #
Mar 09 00:04:06 fedora tccd[21680]: # Fatal error in , line 0
Mar 09 00:04:06 fedora tccd[21680]: # Check failed: reservation_.SetPermissions(protect_start, protect_size, permission).
Mar 09 00:04:06 fedora tccd[21680]: #
Mar 09 00:04:06 fedora tccd[21680]: #
Mar 09 00:04:06 fedora tccd[21680]: #
Mar 09 00:04:06 fedora tccd[21680]: #FailureMessage Object: 0x7ffd5faa4560
Mar 09 00:04:06 fedora tccd[21680]:  1: 0x94cca1  [/opt/tuxedo-control-center/resources/dist/tuxedo-control-center/data/service/tccd]
Mar 09 00:04:06 fedora tccd[21680]:  2: 0x1389ce9 V8_Fatal(char const*, ...) [/opt/tuxedo-control-center/resources/dist/tuxedo-control-center/data/service/tccd]
Mar 09 00:04:06 fedora tccd[21680]:  3: 0xbfce67 v8::internal::MemoryChunk::DecrementWriteUnprotectCounterAndMaybeSetPermissions(v8::PageAllocator::Permission) [/opt/tuxedo-control-center/resources/dist/tuxedo-control-center/data/service/tccd]
Mar 09 00:04:06 fedora tccd[21680]:  4: 0xc19cb5 v8::internal::PagedSpace::SetReadAndExecutable() [/opt/tuxedo-control-center/resources/dist/tuxedo-control-center/data/service/tccd]
Mar 09 00:04:06 fedora tccd[21680]:  5: 0xb3ae2e  [/opt/tuxedo-control-center/resources/dist/tuxedo-control-center/data/service/tccd]
Mar 09 00:04:06 fedora tccd[21680]:  6: 0xef7d4e  [/opt/tuxedo-control-center/resources/dist/tuxedo-control-center/data/service/tccd]
Mar 09 00:04:06 fedora tccd[21680]:  7: 0xa2143e v8::Isolate::Initialize(v8::Isolate*, v8::Isolate::CreateParams const&) [/opt/tuxedo-control-center/resources/dist/tuxedo-control-center/data/service/tccd]
Mar 09 00:04:06 fedora tccd[21680]:  8: 0x921f66 node::NodeMainInstance::NodeMainInstance(v8::Isolate::CreateParams*, uv_loop_s*, node::MultiIsolatePlatform*, std::vector<std::string, std::allocator<std::string> > const&, std::vector<std::string, std::a>
Mar 09 00:04:06 fedora tccd[21680]:  9: 0x8bf299 node::Start(int, char**) [/opt/tuxedo-control-center/resources/dist/tuxedo-control-center/data/service/tccd]
Mar 09 00:04:06 fedora tccd[21680]: 10: 0x7f92cb04614a  [/lib64/libc.so.6]
Mar 09 00:04:06 fedora tccd[21680]: 11: 0x7f92cb04620b __libc_start_main [/lib64/libc.so.6]
```

At the same time, in the SELinux audit file I have:

```
type=AVC msg=audit(1710070763.359:623): avc:  denied  { execmem } for  pid=50067 comm="tccd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=process permissive=0
```

So for me, it looks like the official package doesn't deliver the required security policies to work on Fedora. I was able to quickly solve the issue by applying the policy mentioned below.

```
module tccd 1.0;

require {
    type init_t;
    type init_tmp_t;
    type etc_t;
    class file { execute write };
    class process execmem;
}

#============= init_t ==============

allow init_t etc_t:file write;
allow init_t init_tmp_t:file execute;
allow init_t self:process execmem;
```
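
Added example (not part of the original issue or the TCC project): a Python sketch that parses the AVC record quoted above, renders the audit2allow-style rule for it, and notes why a rule whose source type is `init_t` reaches further than `tccd`. The `SHARED_DOMAINS` and `MEMORY_PERMS` sets and all function names are assumptions made for this illustration.

```python
import re

# AVC record quoted in the issue above (audit log text, unchanged).
SAMPLE_AVC = (
    'type=AVC msg=audit(1710070763.359:623): avc:  denied  { execmem } for  '
    'pid=50067 comm="tccd" scontext=system_u:system_r:init_t:s0 '
    'tcontext=system_u:system_r:init_t:s0 tclass=process permissive=0'
)

# Assumptions for this example, not an exhaustive policy review:
SHARED_DOMAINS = {"init_t", "unconfined_service_t"}  # domains many services share
MEMORY_PERMS = {"execmem", "execstack", "execheap", "execmod"}

AVC_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)$")


def parse_avc(line):
    """Return the fields of one AVC denial, or None if the line is not one."""
    m = AVC_RE.search(line)
    if not m:
        return None
    kv = {k: v.strip('"') for k, v in re.findall(r'(\w+)=("[^"]*"|\S+)', m.group(2))}
    if not {"scontext", "tcontext", "tclass"} <= kv.keys():
        return None
    # A context is user:role:type:level; the level may contain ':' itself.
    return {
        "perms": m.group(1).split(),
        "comm": kv.get("comm"),
        "source": kv["scontext"].split(":", 3)[2],
        "target": kv["tcontext"].split(":", 3)[2],
        "tclass": kv["tclass"],
    }


def to_rule(d):
    """Render the allow rule that would silence this denial (audit2allow style)."""
    target = "self" if d["source"] == d["target"] else d["target"]
    perms = d["perms"][0] if len(d["perms"]) == 1 else "{ " + " ".join(d["perms"]) + " }"
    return f"allow {d['source']} {target}:{d['tclass']} {perms};"


def review(d):
    """List reasons the generated rule is broader than the one service needs."""
    notes = []
    if d["source"] in SHARED_DOMAINS:
        notes.append(f"{d['source']} is shared: the rule covers every process in it, not only {d['comm']}")
    for p in sorted(MEMORY_PERMS & set(d["perms"])):
        notes.append(f"{p} relaxes memory protection for the whole {d['source']} domain")
    return notes
```

Calling `to_rule(parse_avc(SAMPLE_AVC))` reproduces the last rule of the module above, and `review()` returns the two notes that apply to it.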