Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Normal
Fix Version/s: rhel-9.5
Affects Version/s: rhel-9.3.0
Component/s: selinux-policy
Labels:
- dependent-component
- systemd-selinux

Fixed in Build:
selinux-policy-38.1.36-1.el9
Regression:
None
Severity:
None
Epic Link:
SELINUX-3400
sprint_count:
1

Pool Team:

rhel-sst-security-selinux
Sub-System Group:

ssg_security

Internal Target Milestone:
10
Story Points:
None
ACKs Check:

QE ack
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
No
Products:

Red Hat Enterprise Linux
Sprint:
CY24Q2

Acceptance Criteria:

Hide

The timedatectl command executed on a machine where the timemaster service is configured and used does not trigger any SELinux denials in enforcing mode.

Show
The timedatectl command executed on a machine where the timemaster service is configured and used does not trigger any SELinux denials in enforcing mode.
Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/130707
Test Coverage:
None

Release Note Type:
Unspecified Release Note Type - Unknown

Architecture:

All

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

On a system using timemaster, run `timedatectl`

# audit2allow -b
#============= systemd_timedated_t ==============
allow systemd_timedated_t timemaster_unit_file_t:service status;

# rpm -q selinux-policy
selinux-policy-38.1.23-1.el9_3.2.noarch

relates to

RHEL-26660 SELinux prevents chronyd from writing into /var/run/timemaster/chrony.SOCK0 [rhel-9]

Closed

links to

Allow systemd-timedated get the timemaster service status

RHBA-2024:130707 selinux-policy update

Assignee:: Zdenek Pytela

Reporter:: Etienne Champetier (Inactive)

Developer:: Zdenek Pytela

QA Contact:: Milos Malik

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2024/02/16 8:01 PM

Updated:: 2024/11/12 9:37 AM

Resolved:: 2024/11/12 9:37 AM

Target end:: 2024/05/06

Release Date:: 2024/11/12