-
Bug
-
Resolution: Unresolved
-
Normal
-
rhel-10.2
-
selinux-policy-42.1.18-1.el10
-
No
-
Moderate
-
1
-
rhel-security-selinux
-
27
-
1
-
False
-
False
-
-
No
-
SELINUX 260311: 19
-
Pass
-
Automated
-
Release Note Not Required
-
Unspecified
-
Unspecified
-
Unspecified
-
None
What were you trying to do that didn't work?
type=PROCTITLE msg=audit(01/18/2026 11:39:17.252:2185) : proctitle=/usr/sbin/NetworkManager --no-daemon
type=SYSCALL msg=audit(01/18/2026 11:39:17.252:2185) : arch=x86_64 syscall=openat success=no exit=EACCES(Permission denied) a0=AT_FDCWD a1=0x7f0dfcc0323b a2=O_RDONLY|O_DIRECTORY a3=0x0 items=0 ppid=1 pid=111285 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=NetworkManager exe=/usr/sbin/NetworkManager subj=system_u:system_r:NetworkManager_t:s0 key=(null)
type=AVC msg=audit(01/18/2026 11:39:17.252:2185) : avc: denied { read } for pid=111285 comm=NetworkManager name=/ dev="bpf" ino=1 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:bpf_t:s0 tclass=dir permissive=0
What is the impact of this issue to you?
We need IPv6-mostly support in NetworkManager, this is required now: RHEL-93551
Please provide the package NVR for which the bug is seen:
selinux-policy-42.1.14-1.el10.noarch
How reproducible is this bug?:
always, in each CLAT test from NetworkManager-ci!2048
Steps to reproduce
- compile NetworkManager source code from NetworkManager!2107
(once merged, it is possible to use copr/downstream RHEL builds) - remove "Ignore AVC..." lines in NetworkManager-ci!2048
- execute clat tests from NetworkManager-ci!2048 in a VM!
run/runfeture.sh clat
Expected results
Tests should pass with no AVC check failure
Actual results
Described AVC shows up and tests fails.
- links to
-
RHBA-2025:155519
selinux-policy update