-
Bug
-
Resolution: Done-Errata
-
Minor
-
rhel-9.4
-
selinux-policy-38.1.37-1.el9
-
None
-
Moderate
-
1
-
rhel-sst-security-selinux
-
ssg_security
-
11
-
None
-
QE ack
-
False
-
-
No
-
CY24Q2
-
-
Pass
-
Automated
-
Unspecified Release Note Type - Unknown
-
-
aarch64
-
None
What were you trying to do that didn't work?
The problem was found by the following automated test:
- /CoreOS/selinux-policy/Regression/dev-general
Please provide the package NVR for which bug is seen:
selinux-policy-38.1.33-1.el9.noarch
How reproducible:
on certain aarch64 machines
Steps to reproduce
- get a RHEL-9.4 machine (the targeted policy is active)
- run the following command:
find /dev -context '*:device_t:*' \\( -type c -o -type b \\) -printf '%p %Z\n'
Expected results
default SELinux label for /dev/mmcblk0rpmb device is more specific than device_t
Actual results
/dev/mmcblk0rpmb system_u:object_r:device_t:s0
- links to
-
RHBA-2024:130707 selinux-policy bug fix and enhancement update