Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-132868

[RHEL-10.2] avc: denied { write } for pid=7984 comm="rpc.statd" name="rpc.statd.pid" dev="tmpfs"

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None
    • rhel-10.2
    • selinux-policy
    • None
    • None
    • rhel-security-selinux
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • None
    • None
    • None
    • Unspecified Release Note Type - Unknown
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      What were you trying to do that didn't work?

       

      SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      33
selinux-policy-42.1.11-1.el10.noarch
----
time->Fri Nov 28 20:22:17 2025
type=PROCTITLE msg=audit(1764379337.974:430): proctitle="/usr/sbin/rpc.statd"
type=SYSCALL msg=audit(1764379337.974:430): arch=80000016 syscall=10 success=no exit=-13 a0=2aa00e8ece6 a1=3ffc5d79b58 a2=fffffffffffff000 a3=0 items=0 ppid=7976 pid=7984 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="rpc.statd" exe="/usr/sbin/rpc.statd" subj=system_u:system_r:rpcd_t:s0 key=(null)
type=AVC msg=audit(1764379337.974:430): avc:  denied  { unlink } for  pid=7984 comm="rpc.statd" name="rpc.statd.pid" dev="tmpfs" ino=1511 scontext=system_u:system_r:rpcd_t:s0 tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file permissive=0
----

       

      Please provide the package NVR for which the bug is seen:

       kernel-6.12.0-162.el10 

      selinux-policy-42.1.11-1.el10

      How reproducible is this bug?:

      many times

      Expected results

      No AVC denied for defined operations

      Actual results

      AVC denied

       

      Additional info:
      beaker job:

      https://beaker.engineering.redhat.com/jobs/11997792

      https://beaker-archive.prod.engineering.redhat.com/beaker-logs/2025/11/119977/11997792/20121064/207290739/958045568/avc.log

      https://beaker.engineering.redhat.com/jobs/11985978

      https://beaker-archive.prod.engineering.redhat.com/beaker-logs/2025/11/119859/11985978/20099607/207048033/957200303/avc.log

       

       

              rhn-support-zpytela Zdenek Pytela
              rh-ee-yieli Zhi Li
              Zhi Li
              Zdenek Pytela Zdenek Pytela
              SSG Security QE SSG Security QE
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: