Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-125504

SELinux targetted policy is missing a rule to allow access for systemd service to symlink file

Linking RHIVOS CVEs to...Migration: Automation ...RHELPRIO AssignedTeam ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • rhel-security-selinux
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • None
    • None
    • None
    • Unspecified Release Note Type - Unknown
    • Unspecified
    • Unspecified
    • Unspecified
    • x86_64
    • None

      What were you trying to do that didn't work?

      Trying to set symlink in /etc/fstab for mounting at the time of boot

      What is the impact of this issue to you?

      The systemd service /usr/lib/systemd/system-generators/systemd-fstab-generator is denied from read access on the lnk_fileĀ 

      Please provide the package NVR for which the bug is seen:

      Customer reported this on RHEL 8, I was able to reproduce it with RHEL 9libselinux-3.6-3.el9.x86_64
      python3-libselinux-3.6-3.el9.x86_64
      selinux-policy-38.1.53-5.el9_6.noarch
      selinux-policy-targeted-38.1.53-5.el9_6.noarch
      rpm-plugin-selinux-4.16.1.3-37.el9.x86_64
      libselinux-utils-3.6-3.el9.x86_64
      selinux-policy-devel-38.1.53-5.el9_6.noarch

      How reproducible is this bug?:

      100%

      Steps to reproduce

      1. Set mount directory on a path under a symlink in /etc/fstab
      2. Reboot the system

      Expected results

      System should be able to mount the disk.

      Actual results

      Service fails to boot and results in a booting failure.

              rhn-support-zpytela Zdenek Pytela
              rhn-support-plawate Pranav Lawate
              Pranav Lawate
              Zdenek Pytela Zdenek Pytela
              Milos Malik Milos Malik
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: