Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: rhel-10.2
Component/s: selinux-policy
Labels:
None

Regression:
None
Severity:
None
Epic Link:
SELINUX-4342

AssignedTeam:
rhel-security-selinux

Story Points:
None
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Sprint:
None

Preliminary Testing:
None
Test Coverage:
None

ProdDocsReview-CCS:
Unspecified
ProdDocsReview-Dev:
Unspecified
ProdDocsReview-QE:
Unspecified

Experience:

PX Impact Score:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

What were you trying to do that didn't work?

What is the impact of this issue to you?

Please provide the package NVR for which the bug is seen:

How reproducible is this bug?:

Steps to reproduce

Install RHEL-10.2-20251215.0 to storageqe-83.lab.eng.brq2.redhat.com
https://beaker.engineering.redhat.com/jobs/12077560
https://beaker.engineering.redhat.com/jobs/12077561
https://beaker-archive.prod.engineering.redhat.com/beaker-logs/2025/12/120775/12077560/20250494/console.log

Expected results

No such AVC denials

Actual results

anaconda-import-initramfs…   
fs stage of Anaconda via kickstart.  
[   56.340823] audit: type=1400 audit(1765940850.671:148): avc:  denied  { mounton } for  pid=4098 comm="(d-logind)" path="/run/systemd/mount-rootfs/dev/kmsg" dev="devtmpfs" ino=10 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:kmsg_device_t:s0 tclass=chr_file permissive=1 
[      
  OK     
] Finished         
anaconda-nm-config.servic�[   56.372551] audit: type=1400 audit(1765940850.671:149): avc:  denied  { mounton } for  pid=4098 comm="(d-logind)" path="/run/systemd/mount-rootfs/home" dev="overlay" ino=173 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir permissive=1 
��   
conda NetworkManager configuration.  
[   56.402512] audit: type=1400 audit(1765940850.705:150): avc:  denied  { mounton } for  pid=4098 comm="(d-logind)" path="/run/systemd/mount-rootfs/root" dev="overlay" ino=21 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:admin_home_t:s0 tclass=dir permissive=1 
[   56.428930] audit: type=1400 audit(1765940850.731:151): avc:  denied  { mounton } for  pid=4098 comm="(d-logind)" path="/run/systemd/mount-rootfs/run/systemd/inhibit" dev="tmpfs" ino=2450 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:systemd_logind_inhibit_var_run_t:s0 tclass=dir permissive=1 
[   56.458334] audit: type=1400 audit(1765940850.731:152): avc:  denied  { mounton } for  pid=4098 comm="(d-logind)" path="/run/systemd/mount-rootfs/run/systemd/seats" dev="tmpfs" ino=103 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:systemd_logind_var_run_t:s0 tclass=dir permissive=1 
[   56.458339] audit: type=1400 audit(1765940850.731:153): avc:  denied  { mounton } for  pid=4098 comm="(d-logind)" path="/run/systemd/mount-rootfs/run/systemd/sessions" dev="tmpfs" ino=104 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:systemd_logind_sessions_t:s0 tclass=dir permissive=1

Assignee:: Zdenek Pytela

Reporter:: Zhaojuan Guo

Developer:: Zdenek Pytela

QA Contact:: SSG Security QE

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2025/12/17 6:27 AM

Updated:: 2025/12/23 7:35 PM

Stale Date:: 2026/12/16

Details

Description

What were you trying to do that didn't work?

What is the impact of this issue to you?

Please provide the package NVR for which the bug is seen:

How reproducible is this bug?:

Steps to reproduce

Expected results

Actual results

Attachments

Easy Agile Planning Poker

Activity

People

Dates