-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
rhel-9.7
-
None
-
No
-
None
-
subs-client-tools-2
-
None
-
False
-
False
-
-
None
-
None
-
None
-
None
-
Unspecified
-
Unspecified
-
Unspecified
-
-
All
-
None
What were you trying to do that didn't work?
Registering to rhsm triggers following AVC:
type=PROCTITLE msg=audit(09/02/25 08:00:02.117:10152) : proctitle=/usr/bin/python3 /usr/libexec/rhsm-package-profile-uploader --force-upload type=SYSCALL msg=audit(09/02/25 08:00:02.117:10152) : arch=aarch64 syscall=openat success=no exit=EACCES(Permission denied) a0=AT_FDCWD a1=0xaaaade638440 a2=O_RDONLY a3=0x0 items=0 ppid=646 pid=612489 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=rhsm-package-pr exe=/usr/bin/python3.9 subj=system_u:system_r:rhsmcertd_t:s0 key=(null) type=AVC msg=audit(09/02/25 08:00:02.117:10152) : avc: denied { dac_override } for pid=612489 comm=rhsm-package-pr capability=dac_override scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:system_r:rhsmcertd_t:s0 tclass=capability permissive=0
What is the impact of this issue to you?
Please provide the package NVR for which the bug is seen:
RHEL-9.7.0-20250826.5
dnf-4.14.0-31.el9
subscription-manager-1.29.47-1.el9
libdnf-0.69.0-16.el9
selinux-policy-38.1.65-1.el9
How reproducible is this bug?:
Happened during our tier execution in TF, but cannot reproduce it manually yet.
Steps to reproduce
- None, sorry
Expected results
No AVCs are triggered during usage of subscription-manager
