RHEL-132866

[RHEL-10.2] avc: denied { read } for pid=48398 comm="nfsidmap" name="dnsmasq" dev="dm-0"

    • rhel-security-selinux

      What were you trying to do that didn't work?

       

      SELinux status:                 enabled
      SELinuxfs mount:                /sys/fs/selinux
      SELinux root directory:         /etc/selinux
      Loaded policy name:             targeted
      Current mode:                   enforcing
      Mode from config file:          enforcing
      Policy MLS status:              enabled
      Policy deny_unknown status:     allowed
      Memory protection checking:     actual (secure)
      Max kernel policy version:      33
      selinux-policy-42.1.11-1.el10.noarch
      ----
      time->Sat Nov 29 11:58:19 2025
      type=PROCTITLE msg=audit(1764435499.560:1301): proctitle=6E667369646D6170003638393434393130007569643A53595354454D404E5420415554484F52495459
      type=SYSCALL msg=audit(1764435499.560:1301): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=7f966ba7a1aa a2=90800 a3=0 items=0 ppid=40655 pid=48398 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="nfsidmap" exe="/usr/sbin/nfsidmap" subj=system_u:system_r:nfsidmap_t:s0 key=(null)
      type=AVC msg=audit(1764435499.560:1301): avc:  denied  { read } for  pid=48398 comm="nfsidmap" name="dnsmasq" dev="dm-0" ino=1336377 scontext=system_u:system_r:nfsidmap_t:s0 tcontext=system_u:object_r:virt_var_lib_t:s0 tclass=dir permissive=0

       

      Please provide the package NVR for which the bug is seen:

      kernel-6.12.0-162.el10 

      selinux-policy-42.1.11-1.el10.noarch

      How reproducible is this bug?:

      reproducible but random

      Expected results

      No AVC denied for defined operations

      Actual results

      AVC denied

       

      Additional info:
      beaker jobs:

      https://beaker.engineering.redhat.com/jobs/11999860

      https://beaker-archive.prod.engineering.redhat.com/beaker-logs/2025/11/119998/11999860/20124228/207321614/958225540/avc.log

       

      https://beaker.engineering.redhat.com/jobs/11997315

      https://beaker-archive.prod.engineering.redhat.com/beaker-logs/2025/11/119973/11997315/20120335/207282558/958018817/avc.log

       

      It seems to be the same issue as RHEL-68722, which hasn't been resolved in the latest selinux-policy-42.1.11-1.el10.noarch.

              rhn-support-zpytela Zdenek Pytela
              rh-ee-yieli Zhi Li
              Zdenek Pytela Zdenek Pytela
              Milos Malik Milos Malik
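
Added example (not part of the original report and not Red Hat tooling): a short Python script that decodes the audit event quoted above, covering the hex-encoded proctitle, the syscall and its open flags, and the SELinux types in the AVC record. The syscall and flag tables are hard-coded assumptions for x86_64 (arch=c000003e).

```python
import errno
import re

# The three records of audit event 1301, copied from the report above.
EVENT = """\
type=PROCTITLE msg=audit(1764435499.560:1301): proctitle=6E667369646D6170003638393434393130007569643A53595354454D404E5420415554484F52495459
type=SYSCALL msg=audit(1764435499.560:1301): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=7f966ba7a1aa a2=90800 a3=0 items=0 ppid=40655 pid=48398 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="nfsidmap" exe="/usr/sbin/nfsidmap" subj=system_u:system_r:nfsidmap_t:s0 key=(null)
type=AVC msg=audit(1764435499.560:1301): avc:  denied  { read } for  pid=48398 comm="nfsidmap" name="dnsmasq" dev="dm-0" ino=1336377 scontext=system_u:system_r:nfsidmap_t:s0 tcontext=system_u:object_r:virt_var_lib_t:s0 tclass=dir permissive=0
"""

KV = re.compile(r'(\w+)=("[^"]*"|\S+)')
# Assumption: x86_64 (arch=c000003e) syscall number and open(2) flag values.
SYSCALLS = {257: "openat"}
OPEN_FLAGS = {0x800: "O_NONBLOCK", 0x10000: "O_DIRECTORY", 0x80000: "O_CLOEXEC"}


def parse_event(text):
    """Return {record type: {field: value}} for the records of one audit event."""
    records = {}
    for line in text.strip().splitlines():
        fields = {k: v.strip('"') for k, v in KV.findall(line)}
        perms = re.search(r"\{([^}]*)\}", line)  # only AVC records carry { perms }
        if perms:
            fields["perms"] = perms.group(1).split()
        records[fields["type"]] = fields
    return records


def decode_proctitle(value):
    """proctitle is hex-encoded here because argv is NUL-separated."""
    return bytes.fromhex(value).decode("utf-8", "replace").split("\x00")


def summarize(text):
    rec = parse_event(text)
    sc, avc = rec["SYSCALL"], rec["AVC"]
    flags = int(sc["a2"], 16)  # a2 is the flags argument of openat, logged in hex
    return {
        "argv": decode_proctitle(rec["PROCTITLE"]["proctitle"]),
        "syscall": SYSCALLS.get(int(sc["syscall"]), sc["syscall"]),
        "open_flags": [name for bit, name in OPEN_FLAGS.items() if flags & bit],
        "errno": errno.errorcode[-int(sc["exit"])],
        "source_type": avc["scontext"].split(":")[2],
        "target_type": avc["tcontext"].split(":")[2],
        "tclass": avc["tclass"],
        "perms": avc["perms"],
        "enforced": avc["permissive"] == "0",
    }


if __name__ == "__main__":
    print(summarize(EVENT))
```

The decoded O_DIRECTORY flag agrees with tclass=dir: the denied operation is nfsidmap_t opening a directory named dnsmasq, labeled virt_var_lib_t, for reading, and the syscall failed with EACCES because the policy was enforced.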