Loading...

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: rhel-9.7
Component/s: insights-core-selinux
Labels:
None

Regression:
No
Severity:
None

AssignedTeam:
subs-client-tools

Story Points:
None
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Sprint:
None

Preliminary Testing:
None
Test Coverage:
None

ProdDocsReview-CCS:
Unspecified
ProdDocsReview-Dev:
Unspecified
ProdDocsReview-QE:
Unspecified

Experience:

PX Impact Score:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

What were you trying to do that didn't work?

Run rhc remediation

What is the impact of this issue to you?

Failed to run remediation

Please provide the package NVR for which the bug is seen:

On RHEL-9.7.0-updates-20250814.1:

selinux-policy-38.1.63-1.el9.noarch
selinux-policy-targeted-38.1.63-1.el9.noarch
insights-core-selinux-3.7.0-2.el9.noarch
insights-client-3.9.0-5.el9.noarch

How reproducible is this bug?:

Steps to reproduce

rhc connect
dnf -y install rhc rhc-worker-playbook
systemctl restart rhcd.service
chmod 777 /etc/ssh/sshd_config
insights-client
run remediations from consoledot

Expected results

No insights-core related AVC denials during remediation.

Actual results

AVC for "allow insights_core_t rhcd_t:fifo_file { read write };" and "allow rhcd_t insights_core_t:process transition;" happened:

[root@virtlab510 ~]# ausearch -i -m avc,user_avc,selinux_err,user_selinux_err -ts boot | audit2allow -v

#============= insights_client_t ==============

# src="insights_client_t" tgt="rpm_exec_t" class="file", perms="getattr"

# comm="nsights-clien" exe="" path=""

allow insights_client_t rpm_exec_t:file getattr;

 

#============= insights_core_t ==============

# src="insights_core_t" tgt="rhcd_t" class="fifo_file", perms="\{ read write }"

# comm="ython" exe="" path=""

allow insights_core_t rhcd_t:fifo_file \{ read write };

 

#============= rhcd_t ==============

# src="rhcd_t" tgt="gpg_agent_t" class="unix_stream_socket", perms="connectto"

# comm="pg-connect-ag" exe="" path=""

allow rhcd_t gpg_agent_t:unix_stream_socket connectto;

# src="rhcd_t" tgt="insights_client_var_lib_t" class="dir", perms="\{ add_name create remove_name rmdir write }"

# comm="nsights-clien" exe="" path=""

allow rhcd_t insights_client_var_lib_t:dir \{ add_name create remove_name rmdir write };

# src="rhcd_t" tgt="insights_client_var_lib_t" class="file", perms="unlink"

# comm="nsights-clien" exe="" path=""

allow rhcd_t insights_client_var_lib_t:file unlink;

# src="rhcd_t" tgt="insights_client_var_log_t" class="dir", perms="\{ add_name write }"

# comm="nsights-clien" exe="" path=""

allow rhcd_t insights_client_var_log_t:dir \{ add_name write };

# src="rhcd_t" tgt="insights_client_var_log_t" class="file", perms="create"

# comm="nsights-clien" exe="" path=""

allow rhcd_t insights_client_var_log_t:file create;

# src="rhcd_t" tgt="insights_core_t" class="process", perms="transition"

# comm="nsights-clien" exe="" path=""

allow rhcd_t insights_core_t:process transition;

# src="rhcd_t" tgt="rhcd_t" class="process", perms="setexec"

# comm="nsights-clien" exe="" path=""

allow rhcd_t self:process setexec;

# src="rhcd_t" tgt="user_tmp_t" class="sock_file", perms="write"

# comm="pg-connect-ag" exe="" path=""

allow rhcd_t user_tmp_t:sock_file write;

# src="rhcd_t" tgt="var_run_t" class="file", perms="\{ create unlink write }"

# comm="ython" exe="" path=""

allow rhcd_t var_run_t:file \{ create unlink write };

 

#============= squid_t ==============

# src="squid_t" tgt="sysctl_net_t" class="dir", perms="search"

# comm="qui" exe="" path=""

allow squid_t sysctl_net_t:dir search;

[root@virtlab510 ~]# ausearch -i -m avc,user_avc,selinux_err,user_selinux_err -ts boot

----

type=PROCTITLE msg=audit(08/14/2025 20:41:14.360:61) : proctitle=/usr/sbin/squid --foreground -f /etc/squid/squid.conf

type=PATH msg=audit(08/14/2025 20:41:14.360:61) : item=0 name=/proc/sys/net/ipv6/conf/all/disable_ipv6 nametype=UNKNOWN cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 20:41:14.360:61) : cwd=/

type=SYSCALL msg=audit(08/14/2025 20:41:14.360:61) : arch=x86_64 syscall=openat success=no exit=EACCES(Permission denied) a0=AT_FDCWD a1=0x7fff4ecfb500 a2=O_RDONLY|O_NOCTTY|O_CLOEXEC a3=0x0 items=1 ppid=1 pid=1528 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=squid exe=/usr/sbin/squid subj=system_u:system_r:squid_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 20:41:14.360:61) : avc:  denied  { search } for  pid=1528 comm=squid name=net dev="proc" ino=16446 scontext=system_u:system_r:squid_t:s0 tcontext=system_u:object_r:sysctl_net_t:s0 tclass=dir permissive=0

----

type=PROCTITLE msg=audit(08/14/2025 20:41:14.544:62) : proctitle=(squid-1) --kid squid-1 --foreground -f /etc/squid/squid.conf

type=PATH msg=audit(08/14/2025 20:41:14.544:62) : item=0 name=/proc/sys/net/ipv6/conf/all/disable_ipv6 nametype=UNKNOWN cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 20:41:14.544:62) : cwd=/

type=SYSCALL msg=audit(08/14/2025 20:41:14.544:62) : arch=x86_64 syscall=openat success=no exit=EACCES(Permission denied) a0=AT_FDCWD a1=0x7ffd977d9580 a2=O_RDONLY|O_NOCTTY|O_CLOEXEC a3=0x0 items=1 ppid=1528 pid=1583 auid=unset uid=squid gid=squid euid=root suid=root fsuid=root egid=squid sgid=squid fsgid=squid tty=(none) ses=unset comm=squid exe=/usr/sbin/squid subj=system_u:system_r:squid_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 20:41:14.544:62) : avc:  denied  { search } for  pid=1583 comm=squid name=net dev="proc" ino=16446 scontext=system_u:system_r:squid_t:s0 tcontext=system_u:object_r:sysctl_net_t:s0 tclass=dir permissive=0

----

type=PROCTITLE msg=audit(08/14/2025 20:42:24.380:140) : proctitle=/usr/bin/python3 /usr/bin/insights-client --check-results

type=PATH msg=audit(08/14/2025 20:42:24.380:140) : item=0 name=/usr/bin/rpm inode=201996865 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 20:42:24.380:140) : cwd=/

type=SYSCALL msg=audit(08/14/2025 20:42:24.380:140) : arch=x86_64 syscall=newfstatat success=no exit=EACCES(Permission denied) a0=AT_FDCWD a1=0x7f3e8c960590 a2=0x7ffef4e81890 a3=0x0 items=1 ppid=1 pid=3883 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=insights-client exe=/usr/bin/python3.9 subj=system_u:system_r:insights_client_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 20:42:24.380:140) : avc:  denied  { getattr } for  pid=3883 comm=insights-client path=/usr/bin/rpm dev="dm-0" ino=201996865 scontext=system_u:system_r:insights_client_t:s0 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file permissive=0

----

type=PROCTITLE msg=audit(08/14/2025 21:00:54.471:182) : proctitle=/usr/bin/python3 /usr/bin/insights-client --check-results

type=PATH msg=audit(08/14/2025 21:00:54.471:182) : item=0 name=/usr/bin/rpm inode=201996865 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:00:54.471:182) : cwd=/

type=SYSCALL msg=audit(08/14/2025 21:00:54.471:182) : arch=x86_64 syscall=newfstatat success=no exit=EACCES(Permission denied) a0=AT_FDCWD a1=0x7f0157988590 a2=0x7ffeee912920 a3=0x0 items=1 ppid=1 pid=6414 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=insights-client exe=/usr/bin/python3.9 subj=system_u:system_r:insights_client_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:00:54.471:182) : avc:  denied  { getattr } for  pid=6414 comm=insights-client path=/usr/bin/rpm dev="dm-0" ino=201996865 scontext=system_u:system_r:insights_client_t:s0 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file permissive=0

----

type=PROCTITLE msg=audit(08/14/2025 21:22:26.773:197) : proctitle=/usr/bin/python3 /bin/insights-client -m insights.client.apps.ansible.playbook_verifier --quiet --payload noop --content-type no

type=PATH msg=audit(08/14/2025 21:22:26.773:197) : item=1 name=/var/lib/insights/tmpk9rms69p inode=67968386 dev=fd:00 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:26.773:197) : item=0 name=/var/lib/insights/ inode=67603447 dev=fd:00 mode=dir,750 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:26.773:197) : cwd=/

type=SYSCALL msg=audit(08/14/2025 21:22:26.773:197) : arch=x86_64 syscall=mkdir success=yes exit=0 a0=0x7f5ce096da50 a1=0700 a2=0x0 a3=0x7f5ce1084bec items=2 ppid=4832 pid=7067 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=insights-client exe=/usr/bin/python3.9 subj=system_u:system_r:rhcd_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:26.773:197) : avc:  denied  { create } for  pid=7067 comm=insights-client name=tmpk9rms69p scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_lib_t:s0 tclass=dir permissive=1

type=AVC msg=audit(08/14/2025 21:22:26.773:197) : avc:  denied  { add_name } for  pid=7067 comm=insights-client name=tmpk9rms69p scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_lib_t:s0 tclass=dir permissive=1

type=AVC msg=audit(08/14/2025 21:22:26.773:197) : avc:  denied  { write } for  pid=7067 comm=insights-client name=insights dev="dm-0" ino=67603447 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_lib_t:s0 tclass=dir permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:26.796:198) : proctitle=gpg-connect-agent --homedir /var/lib/insights/tmpk9rms69p -s --no-autostart GETINFO scd_running /if ${! $?} scd killscd /end

type=PATH msg=audit(08/14/2025 21:22:26.796:198) : item=0 name=/run/user/0/gnupg/d.wqifwbf65i4t6smp8j46xhyh/S.gpg-agent inode=171 dev=00:28 mode=socket,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:user_tmp_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:26.796:198) : cwd=/

type=SOCKADDR msg=audit(08/14/2025 21:22:26.796:198) : saddr=\{ saddr_fam=local path=/run/user/0/gnupg/d.wqifwbf65i4t6smp8j46xhyh/S.gpg-agent }

type=SYSCALL msg=audit(08/14/2025 21:22:26.796:198) : arch=x86_64 syscall=connect success=yes exit=0 a0=0x3 a1=0x7ffef37465b0 a2=0x3a a3=0x0 items=1 ppid=7095 pid=7097 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=gpg-connect-age exe=/usr/bin/gpg-connect-agent subj=system_u:system_r:rhcd_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:26.796:198) : avc:  denied  { connectto } for  pid=7097 comm=gpg-connect-age path=/run/user/0/gnupg/d.wqifwbf65i4t6smp8j46xhyh/S.gpg-agent scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:system_r:gpg_agent_t:s0 tclass=unix_stream_socket permissive=1

type=AVC msg=audit(08/14/2025 21:22:26.796:198) : avc:  denied  { write } for  pid=7097 comm=gpg-connect-age name=S.gpg-agent dev="tmpfs" ino=171 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:user_tmp_t:s0 tclass=sock_file permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:26.800:199) : proctitle=/usr/bin/python3 /bin/insights-client -m insights.client.apps.ansible.playbook_verifier --quiet --payload noop --content-type no

type=PATH msg=audit(08/14/2025 21:22:26.800:199) : item=1 name=pubring.kbx~ inode=68421522 dev=fd:00 mode=file,600 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=DELETE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:26.800:199) : item=0 name=/ inode=67968386 dev=fd:00 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:26.800:199) : cwd=/

type=SYSCALL msg=audit(08/14/2025 21:22:26.800:199) : arch=x86_64 syscall=unlinkat success=yes exit=0 a0=0x3 a1=0x7f5ce068f5c0 a2=0x0 a3=0x7f5ce1085c28 items=2 ppid=4832 pid=7067 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=insights-client exe=/usr/bin/python3.9 subj=system_u:system_r:rhcd_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:26.800:199) : avc:  denied  { unlink } for  pid=7067 comm=insights-client name=pubring.kbx~ dev="dm-0" ino=68421522 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_lib_t:s0 tclass=file permissive=1

type=AVC msg=audit(08/14/2025 21:22:26.800:199) : avc:  denied  { remove_name } for  pid=7067 comm=insights-client name=pubring.kbx~ dev="dm-0" ino=68421522 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_lib_t:s0 tclass=dir permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:26.800:200) : proctitle=/usr/bin/python3 /bin/insights-client -m insights.client.apps.ansible.playbook_verifier --quiet --payload noop --content-type no

type=PATH msg=audit(08/14/2025 21:22:26.800:200) : item=1 name=private-keys-v1.d inode=134872151 dev=fd:00 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=DELETE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:26.800:200) : item=0 name=/ inode=67968386 dev=fd:00 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:26.800:200) : cwd=/

type=SYSCALL msg=audit(08/14/2025 21:22:26.800:200) : arch=x86_64 syscall=unlinkat success=yes exit=0 a0=0x3 a1=0x7f5ce06ab1d0 a2=0x200 a3=0x7f5ce10871f8 items=2 ppid=4832 pid=7067 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=insights-client exe=/usr/bin/python3.9 subj=system_u:system_r:rhcd_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:26.800:200) : avc:  denied  { rmdir } for  pid=7067 comm=insights-client name=private-keys-v1.d dev="dm-0" ino=134872151 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_lib_t:s0 tclass=dir permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:27.237:202) : proctitle=/usr/bin/python3 -c from insights.client import InsightsClient; print(InsightsClient(None, False).version())

type=PATH msg=audit(08/14/2025 21:22:27.237:202) : item=1 name=/var/run/insights-client.pid inode=1929 dev=00:18 mode=file,644 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:27.237:202) : item=0 name=/var/run/ inode=1 dev=00:18 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:27.237:202) : cwd=/

type=SYSCALL msg=audit(08/14/2025 21:22:27.237:202) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7fa9172baf90 a2=O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC a3=0x1b6 items=2 ppid=7067 pid=7117 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=python3 exe=/usr/bin/python3.9 subj=system_u:system_r:rhcd_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:27.237:202) : avc:  denied  { write } for  pid=7117 comm=python3 path=/run/insights-client.pid dev="tmpfs" ino=1929 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1

type=AVC msg=audit(08/14/2025 21:22:27.237:202) : avc:  denied  { create } for  pid=7117 comm=python3 name=insights-client.pid scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:27.237:203) : proctitle=/usr/bin/python3 -c from insights.client import InsightsClient; print(InsightsClient(None, False).version())

type=PATH msg=audit(08/14/2025 21:22:27.237:203) : item=1 name=/run/insights-client.ppid inode=1930 dev=00:18 mode=file,644 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=DELETE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:27.237:203) : item=0 name=/run/ inode=1 dev=00:18 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:27.237:203) : cwd=/

type=SYSCALL msg=audit(08/14/2025 21:22:27.237:203) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7fa9172ba050 a1=0x0 a2=0x0 a3=0x7fa919e85c28 items=2 ppid=7067 pid=7117 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=python3 exe=/usr/bin/python3.9 subj=system_u:system_r:rhcd_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:27.237:203) : avc:  denied  { unlink } for  pid=7117 comm=python3 name=insights-client.ppid dev="tmpfs" ino=1930 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:28.077:205) : proctitle=/usr/bin/python3 /bin/insights-client -m insights.client.apps.ansible.playbook_verifier --quiet --payload noop --content-type no

type=PATH msg=audit(08/14/2025 21:22:28.077:205) : item=1 name=/var/log/insights-client/insights-client-payload.log inode=134872159 dev=fd:00 mode=file,600 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_log_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:28.077:205) : item=0 name=/var/log/insights-client/ inode=134616815 dev=fd:00 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_log_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:28.077:205) : cwd=/

type=SYSCALL msg=audit(08/14/2025 21:22:28.077:205) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7f5cdfb16530 a2=O_WRONLY|O_CREAT|O_APPEND|O_CLOEXEC a3=0x1b6 items=2 ppid=4832 pid=7067 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=insights-client exe=/usr/bin/python3.9 subj=system_u:system_r:rhcd_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:28.077:205) : avc:  denied  { create } for  pid=7067 comm=insights-client name=insights-client-payload.log scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_log_t:s0 tclass=file permissive=1

type=AVC msg=audit(08/14/2025 21:22:28.077:205) : avc:  denied  { add_name } for  pid=7067 comm=insights-client name=insights-client-payload.log scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_log_t:s0 tclass=dir permissive=1

type=AVC msg=audit(08/14/2025 21:22:28.077:205) : avc:  denied  { write } for  pid=7067 comm=insights-client name=insights-client dev="dm-0" ino=134616815 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_log_t:s0 tclass=dir permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:28.111:206) : proctitle=/usr/bin/python3 /bin/insights-client -m insights.client.apps.ansible.playbook_verifier --quiet --payload noop --content-type no

type=SYSCALL msg=audit(08/14/2025 21:22:28.111:206) : arch=x86_64 syscall=write success=yes exit=37 a0=0x4 a1=0x5613d222fcc0 a2=0x25 a3=0x0 items=0 ppid=4832 pid=7067 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=insights-client exe=/usr/bin/python3.9 subj=system_u:system_r:rhcd_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:28.111:206) : avc:  denied  { setexec } for  pid=7067 comm=insights-client scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=process permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:28.111:207) : proctitle=/usr/bin/python3 /usr/lib/python3.9/site-packages/insights_client/run.py -m insights.client.apps.ansible.playbook_verifier --qui

type=PATH msg=audit(08/14/2025 21:22:28.111:207) : item=1 name=/lib64/ld-linux-x86-64.so.2 inode=2976 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:28.111:207) : item=0 name=/usr/bin/python3 inode=201464773 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:bin_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:28.111:207) : cwd=/

type=EXECVE msg=audit(08/14/2025 21:22:28.111:207) : argc=9 a0=/usr/bin/python3 a1=/usr/lib/python3.9/site-packages/insights_client/run.py a2=-m a3=insights.client.apps.ansible.playbook_verifier a4=--quiet a5=--payload a6=noop a7=--content-type a8=noop

type=SYSCALL msg=audit(08/14/2025 21:22:28.111:207) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x7f5cde2c2b10 a1=0x7f5cdfb14530 a2=0x7f5cde32b390 a3=0x0 items=2 ppid=7067 pid=7154 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=python3 exe=/usr/bin/python3.9 subj=system_u:system_r:insights_core_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:28.111:207) : avc:  denied  { write } for  pid=7154 comm=python3 path=pipe:[101952] dev="pipefs" ino=101952 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

type=AVC msg=audit(08/14/2025 21:22:28.111:207) : avc:  denied  { write } for  pid=7154 comm=python3 path=pipe:[101951] dev="pipefs" ino=101951 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

type=AVC msg=audit(08/14/2025 21:22:28.111:207) : avc:  denied  { read } for  pid=7154 comm=python3 path=pipe:[101950] dev="pipefs" ino=101950 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

type=AVC msg=audit(08/14/2025 21:22:28.111:207) : avc:  denied  { transition } for  pid=7154 comm=insights-client path=/usr/bin/python3.9 dev="dm-0" ino=201464773 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:system_r:insights_core_t:s0 tclass=process permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:28.563:208) : proctitle=/usr/bin/python3 /bin/insights-client -m insights.client.apps.ansible.playbook_verifier --quiet --payload noop --content-type no

type=PATH msg=audit(08/14/2025 21:22:28.563:208) : item=1 name=/var/lib/insights/tmpk_5gg520 inode=201398981 dev=fd:00 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:28.563:208) : item=0 name=/var/lib/insights/ inode=67603447 dev=fd:00 mode=dir,750 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:28.563:208) : cwd=/

type=SYSCALL msg=audit(08/14/2025 21:22:28.563:208) : arch=x86_64 syscall=mkdir success=yes exit=0 a0=0x7f5cdfaa5f50 a1=0700 a2=0x0 a3=0x7f5ce1084bec items=2 ppid=4832 pid=7067 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=insights-client exe=/usr/bin/python3.9 subj=system_u:system_r:rhcd_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:28.563:208) : avc:  denied  { create } for  pid=7067 comm=insights-client name=tmpk_5gg520 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_lib_t:s0 tclass=dir permissive=1

type=AVC msg=audit(08/14/2025 21:22:28.563:208) : avc:  denied  { add_name } for  pid=7067 comm=insights-client name=tmpk_5gg520 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_lib_t:s0 tclass=dir permissive=1

type=AVC msg=audit(08/14/2025 21:22:28.563:208) : avc:  denied  { write } for  pid=7067 comm=insights-client name=insights dev="dm-0" ino=67603447 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_lib_t:s0 tclass=dir permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:28.595:209) : proctitle=/usr/bin/python3 /bin/insights-client -m insights.client.apps.ansible.playbook_verifier --quiet --payload noop --content-type no

type=PATH msg=audit(08/14/2025 21:22:28.595:209) : item=1 name=pubring.kbx~ inode=201400032 dev=fd:00 mode=file,600 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=DELETE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:28.595:209) : item=0 name=/ inode=201398981 dev=fd:00 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:28.595:209) : cwd=/

type=SYSCALL msg=audit(08/14/2025 21:22:28.595:209) : arch=x86_64 syscall=unlinkat success=yes exit=0 a0=0x4 a1=0x7f5cde32bcb0 a2=0x0 a3=0x7f5ce1085c28 items=2 ppid=4832 pid=7067 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=insights-client exe=/usr/bin/python3.9 subj=system_u:system_r:rhcd_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:28.595:209) : avc:  denied  { remove_name } for  pid=7067 comm=insights-client name=pubring.kbx~ dev="dm-0" ino=201400032 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_lib_t:s0 tclass=dir permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:28.595:210) : proctitle=/usr/bin/python3 /bin/insights-client -m insights.client.apps.ansible.playbook_verifier --quiet --payload noop --content-type no

type=PATH msg=audit(08/14/2025 21:22:28.595:210) : item=1 name=private-keys-v1.d inode=810485 dev=fd:00 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=DELETE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:28.595:210) : item=0 name=/ inode=201398981 dev=fd:00 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:insights_client_var_lib_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:28.595:210) : cwd=/

type=SYSCALL msg=audit(08/14/2025 21:22:28.595:210) : arch=x86_64 syscall=unlinkat success=yes exit=0 a0=0x4 a1=0x7f5cde2f39d0 a2=0x200 a3=0x7f5ce10871f8 items=2 ppid=4832 pid=7067 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=insights-client exe=/usr/bin/python3.9 subj=system_u:system_r:rhcd_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:28.595:210) : avc:  denied  { rmdir } for  pid=7067 comm=insights-client name=private-keys-v1.d dev="dm-0" ino=810485 scontext=system_u:system_r:rhcd_t:s0 tcontext=system_u:object_r:insights_client_var_lib_t:s0 tclass=dir permissive=1

----

type=PROCTITLE msg=audit(08/14/2025 21:22:28.596:211) : proctitle=/usr/bin/python3 /usr/lib/python3.9/site-packages/insights_client/run.py -m insights.client.apps.ansible.playbook_verifier --qui

type=PATH msg=audit(08/14/2025 21:22:28.596:211) : item=1 name=/lib64/ld-linux-x86-64.so.2 inode=2976 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:28.596:211) : item=0 name=/usr/bin/python3 inode=201464773 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:bin_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:28.596:211) : cwd=/

type=EXECVE msg=audit(08/14/2025 21:22:28.596:211) : argc=9 a0=/usr/bin/python3 a1=/usr/lib/python3.9/site-packages/insights_client/run.py a2=-m a3=insights.client.apps.ansible.playbook_verifier a4=--quiet a5=--payload a6=noop a7=--content-type a8=noop

type=SYSCALL msg=audit(08/14/2025 21:22:28.596:211) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x7f5cde2c2590 a1=0x7f5cdfaed300 a2=0x7f5cde32bbd0 a3=0x0 items=2 ppid=7067 pid=7176 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=python3 exe=/usr/bin/python3.9 subj=system_u:system_r:insights_core_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:28.596:211) : avc:  denied  { write } for  pid=7176 comm=python3 path=pipe:[101952] dev="pipefs" ino=101952 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

type=AVC msg=audit(08/14/2025 21:22:28.596:211) : avc:  denied  { write } for  pid=7176 comm=python3 path=pipe:[101951] dev="pipefs" ino=101951 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

type=AVC msg=audit(08/14/2025 21:22:28.596:211) : avc:  denied  { read } for  pid=7176 comm=python3 path=pipe:[101950] dev="pipefs" ino=101950 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

----

type=PROCTITLE msg=audit(08/14/2025 21:22:29.600:212) : proctitle=/usr/bin/python3 /usr/lib/python3.9/site-packages/insights_client/run.py -m insights.client.apps.ansible.playbook_verifier --qui

type=PATH msg=audit(08/14/2025 21:22:29.600:212) : item=1 name=/lib64/ld-linux-x86-64.so.2 inode=2976 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:29.600:212) : item=0 name=/usr/bin/python3 inode=201464773 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:bin_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:29.600:212) : cwd=/

type=EXECVE msg=audit(08/14/2025 21:22:29.600:212) : argc=9 a0=/usr/bin/python3 a1=/usr/lib/python3.9/site-packages/insights_client/run.py a2=-m a3=insights.client.apps.ansible.playbook_verifier a4=--quiet a5=--payload a6=noop a7=--content-type a8=noop

type=SYSCALL msg=audit(08/14/2025 21:22:29.600:212) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x7f5cde2c2d70 a1=0x7f5cdfaed300 a2=0x7f5cde32bd50 a3=0x0 items=2 ppid=7067 pid=7195 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=python3 exe=/usr/bin/python3.9 subj=system_u:system_r:insights_core_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:29.600:212) : avc:  denied  { write } for  pid=7195 comm=python3 path=pipe:[101952] dev="pipefs" ino=101952 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

type=AVC msg=audit(08/14/2025 21:22:29.600:212) : avc:  denied  { write } for  pid=7195 comm=python3 path=pipe:[101951] dev="pipefs" ino=101951 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

type=AVC msg=audit(08/14/2025 21:22:29.600:212) : avc:  denied  { read } for  pid=7195 comm=python3 path=pipe:[101950] dev="pipefs" ino=101950 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

----

type=PROCTITLE msg=audit(08/14/2025 21:22:30.566:213) : proctitle=/usr/bin/python3 /usr/lib/python3.9/site-packages/insights_client/run.py -m insights.client.apps.ansible.playbook_verifier --qui

type=PATH msg=audit(08/14/2025 21:22:30.566:213) : item=1 name=/lib64/ld-linux-x86-64.so.2 inode=2976 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=PATH msg=audit(08/14/2025 21:22:30.566:213) : item=0 name=/usr/bin/python3 inode=201464773 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:bin_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0

type=CWD msg=audit(08/14/2025 21:22:30.566:213) : cwd=/

type=EXECVE msg=audit(08/14/2025 21:22:30.566:213) : argc=9 a0=/usr/bin/python3 a1=/usr/lib/python3.9/site-packages/insights_client/run.py a2=-m a3=insights.client.apps.ansible.playbook_verifier a4=--quiet a5=--payload a6=noop a7=--content-type a8=noop

type=SYSCALL msg=audit(08/14/2025 21:22:30.566:213) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x7f5cde2c2d70 a1=0x7f5cdfb14530 a2=0x7f5cde32bf30 a3=0x0 items=2 ppid=7067 pid=7217 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=python3 exe=/usr/bin/python3.9 subj=system_u:system_r:insights_core_t:s0 key=(null)

type=AVC msg=audit(08/14/2025 21:22:30.566:213) : avc:  denied  { write } for  pid=7217 comm=python3 path=pipe:[101952] dev="pipefs" ino=101952 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

type=AVC msg=audit(08/14/2025 21:22:30.566:213) : avc:  denied  { write } for  pid=7217 comm=python3 path=pipe:[101951] dev="pipefs" ino=101951 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

type=AVC msg=audit(08/14/2025 21:22:30.566:213) : avc:  denied  { read } for  pid=7217 comm=python3 path=pipe:[101950] dev="pipefs" ino=101950 scontext=system_u:system_r:insights_core_t:s0 tcontext=system_u:system_r:rhcd_t:s0 tclass=fifo_file permissive=0

Details

Description

What were you trying to do that didn't work?

What is the impact of this issue to you?

Please provide the package NVR for which the bug is seen:

How reproducible is this bug?:

Steps to reproduce

Expected results

Actual results

Attachments

Easy Agile Planning Poker

Activity

People

Dates

Hide