Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-28080

[rhel-9] more specific label for /dev/mmcblk0rpmb device

    • selinux-policy-38.1.37-1.el9
    • None
    • Moderate
    • 1
    • rhel-sst-security-selinux
    • ssg_security
    • 11
    • None
    • QE ack
    • False
    • Hide

      None

      Show
      None
    • No
    • CY24Q2
    • Hide

      The default SELinux label for the /dev/mmcblk0rpmb device is more specific than device_t.

      Show
      The default SELinux label for the /dev/mmcblk0rpmb device is more specific than device_t.
    • Pass
    • Automated
    • Unspecified Release Note Type - Unknown
    • aarch64
    • None

      What were you trying to do that didn't work?

      The problem was found by the following automated test:

      • /CoreOS/selinux-policy/Regression/dev-general

      Please provide the package NVR for which bug is seen:

      selinux-policy-38.1.33-1.el9.noarch

      How reproducible:

      on certain aarch64 machines

      Steps to reproduce

      1. get a RHEL-9.4 machine (the targeted policy is active)
      2. run the following command:
        find /dev -context '*:device_t:*' \\( -type c -o -type b \\) -printf '%p %Z\n'
        

      Expected results

      default SELinux label for /dev/mmcblk0rpmb device is more specific than device_t

      Actual results

      /dev/mmcblk0rpmb system_u:object_r:device_t:s0

              rhn-support-zpytela Zdenek Pytela
              mmalik@redhat.com Milos Malik
              Zdenek Pytela Zdenek Pytela
              Milos Malik Milos Malik
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: