-
Bug
-
Resolution: Unresolved
-
Minor
-
rhel-9.8
-
No
-
Moderate
-
rhel-security-selinux
-
1
-
QE ack
-
False
-
False
-
-
No
-
None
-
-
None
-
Automated
-
Unspecified Release Note Type - Unknown
-
Unspecified
-
Unspecified
-
Unspecified
-
None
What were you trying to do that didn't work?
What is the impact of this issue to you?
AVC denials
Please provide the package NVR for which the bug is seen:
selinux-policy-38.1.73-1.el9.noarch
selinux-policy-targeted-38.1.73-1.el9.noarch
setroubleshoot-plugins-3.3.14-4.el9.noarch
setroubleshoot-server-3.3.35-2.el9.x86_64
How reproducible is this bug?
100%
Steps to reproduce
- install the setroubleshoot-server package
- touch /root/.rpmmacros
- trigger any SELinux denial
- ausearch -m avc -i -ts recent
Actual results:
---- type=PROCTITLE msg=audit(02/09/2026 04:20:00.501:350) : proctitle=rpm -qf /var/lib/selinux/targeted/active/modules/100/usermanage type=SYSCALL msg=audit(02/09/2026 04:20:00.501:350) : arch=x86_64 syscall=openat success=no exit=EACCES(Permission denied) a0=AT_FDCWD a1=0x558a17a07f70 a2=O_RDONLY a3=0x0 items=0 ppid=5655 pid=5658 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=rpm exe=/usr/bin/rpm subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(02/09/2026 04:20:00.501:350) : avc: denied { read } for pid=5658 comm=rpm name=.rpmmacros dev="vda1" ino=12586997 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file permissive=0 ----
Expected results:
- no AVCs
- clones
-
-
- Planning
-
