RHEL-106586

AVC denials for "allow insights_core_t user_tmp_t:sock_file write;"



      This bug happens with selinux-policy-41.38-1.fc43:

       

      #============= insights_core_t ==============

      # src="insights_core_t" tgt="user_tmp_t" class="sock_file", perms="write"
      # comm="pg-connect-ag" exe="" path=""

      allow insights_core_t user_tmp_t:sock_file write;

       


      type=PROCTITLE msg=audit(04/23/2025 21:20:33.143:121) : proctitle=gpg-connect-agent --homedir /var/lib/insights/tmpx554n3h7 -s --no-autostart GETINFO tpm2d_running /if ${! $?} scd killtpm2cd /en

      type=PATH msg=audit(04/23/2025 21:20:33.143:121) : item=0 name=/run/user/0/gnupg/d.yfe5giqwonnmxmhjrkfa1df6/S.gpg-agent inode=51 dev=00:2d mode=socket,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:user_tmp_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

      type=CWD msg=audit(04/23/2025 21:20:33.143:121) : cwd=/

      type=SOCKADDR msg=audit(04/23/2025 21:20:33.143:121) : saddr={ saddr_fam=local path=/run/user/0/gnupg/d.yfe5giqwonnmxmhjrkfa1df6/S.gpg-agent }

      type=SYSCALL msg=audit(04/23/2025 21:20:33.143:121) : arch=x86_64 syscall=connect success=no exit=EACCES(Permission denied) a0=0x3 a1=0x7ffff0ad67b0 a2=0x3a a3=0x0 items=1 ppid=1570 pid=1572 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=gpg-connect-age exe=/usr/bin/gpg-connect-agent subj=system_u:system_r:insights_core_t:s0 key=(null)

      type=AVC msg=audit(04/23/2025 21:20:33.143:121) : avc: denied { write } for pid=1572 comm=gpg-connect-age name=S.gpg-agent dev="tmpfs" ino=51 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:object_r:user_tmp_t:s0 tclass=sock_file permissive=0


      type=PROCTITLE msg=audit(04/23/2025 21:20:33.146:122) : proctitle=gpg-connect-agent --homedir /var/lib/insights/tmpx554n3h7 -s --no-autostart GETINFO scd_running /if ${! $?} scd killscd /end

      type=PATH msg=audit(04/23/2025 21:20:33.146:122) : item=0 name=/run/user/0/gnupg/d.yfe5giqwonnmxmhjrkfa1df6/S.gpg-agent inode=51 dev=00:2d mode=socket,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:user_tmp_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

      type=CWD msg=audit(04/23/2025 21:20:33.146:122) : cwd=/

      type=SOCKADDR msg=audit(04/23/2025 21:20:33.146:122) : saddr={ saddr_fam=local path=/run/user/0/gnupg/d.yfe5giqwonnmxmhjrkfa1df6/S.gpg-agent }

      type=SYSCALL msg=audit(04/23/2025 21:20:33.146:122) : arch=x86_64 syscall=connect success=no exit=EACCES(Permission denied) a0=0x3 a1=0x7fffb4db5dd0 a2=0x3a a3=0x0 items=1 ppid=1570 pid=1573 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=gpg-connect-age exe=/usr/bin/gpg-connect-agent subj=system_u:system_r:insights_core_t:s0 key=(null)

      type=AVC msg=audit(04/23/2025 21:20:33.146:122) : avc: denied { write } for pid=1573 comm=gpg-connect-age name=S.gpg-agent dev="tmpfs" ino=51 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:object_r:user_tmp_t:s0 tclass=sock_file permissive=0


      type=PROCTITLE msg=audit(04/23/2025 21:20:33.148:123) : proctitle=gpg-connect-agent --homedir /var/lib/insights/tmpx554n3h7 --no-autostart KILLAGENT

      type=PATH msg=audit(04/23/2025 21:20:33.148:123) : item=0 name=/run/user/0/gnupg/d.yfe5giqwonnmxmhjrkfa1df6/S.gpg-agent inode=51 dev=00:2d mode=socket,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:user_tmp_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

      type=CWD msg=audit(04/23/2025 21:20:33.148:123) : cwd=/

      type=SOCKADDR msg=audit(04/23/2025 21:20:33.148:123) : saddr={ saddr_fam=local path=/run/user/0/gnupg/d.yfe5giqwonnmxmhjrkfa1df6/S.gpg-agent }

      type=SYSCALL msg=audit(04/23/2025 21:20:33.148:123) : arch=x86_64 syscall=connect success=no exit=EACCES(Permission denied) a0=0x3 a1=0x7ffedfcdd3b0 a2=0x3a a3=0x0 items=1 ppid=1570 pid=1574 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=gpg-connect-age exe=/usr/bin/gpg-connect-agent subj=system_u:system_r:insights_core_t:s0 key=(null)

      type=AVC msg=audit(04/23/2025 21:20:33.148:123) : avc: denied { write } for pid=1574 comm=gpg-connect-age name=S.gpg-agent dev="tmpfs" ino=51 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:object_r:user_tmp_t:s0 tclass=sock_file permissive=0

              rhn-support-xialiu Xiangce Liu
              qianzhan@redhat.com Qianqian Zhang
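
An added example, not part of the original report or of any project's tooling: a small Python triage helper that groups audit records by event serial, ties each AVC denial to the SYSCALL executable and SOCKADDR path, and collapses repeated denials into one candidate rule. The sample input is constructed by abridging two of the report's events, and the function names are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample: two of the report's events, abridged to the fields used here.
SAMPLE = """\
type=SOCKADDR msg=audit(04/23/2025 21:20:33.143:121) : saddr={ saddr_fam=local path=/run/user/0/gnupg/d.yfe5giqwonnmxmhjrkfa1df6/S.gpg-agent }
type=SYSCALL msg=audit(04/23/2025 21:20:33.143:121) : arch=x86_64 syscall=connect success=no exit=EACCES(Permission denied) pid=1572 exe=/usr/bin/gpg-connect-agent subj=system_u:system_r:insights_core_t:s0
type=AVC msg=audit(04/23/2025 21:20:33.143:121) : avc: denied { write } for pid=1572 comm=gpg-connect-age name=S.gpg-agent scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:object_r:user_tmp_t:s0 tclass=sock_file permissive=0
type=SOCKADDR msg=audit(04/23/2025 21:20:33.146:122) : saddr={ saddr_fam=local path=/run/user/0/gnupg/d.yfe5giqwonnmxmhjrkfa1df6/S.gpg-agent }
type=SYSCALL msg=audit(04/23/2025 21:20:33.146:122) : arch=x86_64 syscall=connect success=no exit=EACCES(Permission denied) pid=1573 exe=/usr/bin/gpg-connect-agent subj=system_u:system_r:insights_core_t:s0
type=AVC msg=audit(04/23/2025 21:20:33.146:122) : avc: denied { write } for pid=1573 comm=gpg-connect-age name=S.gpg-agent scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:object_r:user_tmp_t:s0 tclass=sock_file permissive=0
"""

HEADER = re.compile(r"type=(\w+) msg=audit\(.*?:(\d+)\) : (.*)")
AVC = re.compile(r"avc:\s+denied\s+\{([^}]*)\} for .*?scontext=(\S+) "
                 r"tcontext=(\S+) tclass=(\S+) permissive=(\d)")

def group_events(text):
    """Group records by audit serial so AVC, SYSCALL and SOCKADDR correlate."""
    events = defaultdict(dict)
    for line in text.splitlines():
        if m := HEADER.match(line.strip()):
            events[int(m.group(2))][m.group(1)] = m.group(3)
    return events

def summarize(text):
    """Collapse denials into one entry per (source type, target type, class)."""
    rules = {}
    for serial, recs in sorted(group_events(text).items()):
        m = AVC.search(recs.get("AVC", ""))
        if not m:
            continue  # event carries no AVC denial
        perms, scon, tcon, tclass, permissive = m.groups()
        key = (scon.split(":")[2], tcon.split(":")[2], tclass)
        e = rules.setdefault(key, {"perms": set(), "events": [], "exes": set(),
                                   "paths": set(), "enforced": False})
        e["perms"].update(perms.split())
        e["events"].append(serial)
        e["enforced"] |= permissive == "0"  # permissive=0 means the access was blocked
        for k, rec, name in (("exes", "SYSCALL", "exe"), ("paths", "SOCKADDR", "path")):
            if hit := re.search(rf"\b{name}=(\S+)", recs.get(rec, "")):
                e[k].add(hit.group(1))
    return rules

def as_allow_rules(rules):
    """Render candidate rules in audit2allow's output style, for review only."""
    fmt = lambda p: p[0] if len(p) == 1 else "{ " + " ".join(p) + " }"
    return [f"allow {s} {t}:{c} {fmt(sorted(e['perms']))};"
            for (s, t, c), e in sorted(rules.items())]
```

Treat the rendered rule as a review aid: a grant on `user_tmp_t:sock_file` covers every socket carrying that type, not only the `S.gpg-agent` path collected in `paths`.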