-
Bug
-
Resolution: Done-Errata
-
Normal
-
rhel-9.5
-
None
-
pcp-6.2.2-1.el9
-
None
-
Moderate
-
1
-
rhel-sst-pt-pcp
-
ssg_platform_tools
-
22
-
1
-
QE ack, Dev ack
-
False
-
-
No
-
Red Hat Enterprise Linux
-
PCP Sprint 5
-
Pass
-
Automated
-
Unspecified Release Note Type - Unknown
-
-
All
-
None
What were you trying to do that didn't work?
When pmie_daily.service and pmlogger_daily.service are triggered by systemd timer, selinux AVCs are reported.
Please provide the package NVR for which bug is seen:
pcp-6.2.1-1.el9
How reproducible:
Always on all architectures
Steps to reproduce
- Install pcp-6.2.1-1.el9 and wait till 00:10:00 of the local time (10 minutes after the midnight)
- Check for AVCs
# audit2allow -a
Expected results
No AVC is reported
Actual results
The following AVCs are reported:
# audit2allow -a #============= pcp_pmie_t ============== allow pcp_pmie_t systemd_unit_file_t:service status; #============= pcp_pmlogger_t ============== allow pcp_pmlogger_t systemd_unit_file_t:service status;
# ausearch -m USER_AVC ---- time->Thu Apr 11 00:09:30 2024 type=USER_AVC msg=audit(1712808570.711:12920): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { status } for auid=n/a uid=987 gid=987 path="/usr/lib/systemd/system/local-fs.target" cmdline="systemctl -q is-active local-fs.target" function="mac_selinux_filter" scontext=system_u:system_r:pcp_pmie_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=service permissive=1 exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?' ---- time->Thu Apr 11 00:09:31 2024 type=USER_AVC msg=audit(1712808571.788:12927): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { status } for auid=n/a uid=987 gid=987 path="/usr/lib/systemd/system/local-fs.target" cmdline="systemctl -q is-active local-fs.target" function="mac_selinux_filter" scontext=system_u:system_r:pcp_pmlogger_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=service permissive=1 exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
- is related to
-
RHEL-30198 Bug fix and feature rebase for Performance Co-Pilot
- Closed
- relates to
-
RHEL-33361 [rhel9] various systemd programs want to access /dev/z90crypt
- Closed
- split to
-
RHEL-39430 [Dev] pmie_daily.service and pmlogger_daily.service are triggering selinux AVCs
- Closed
- links to
-
RHBA-2024:129301 pcp bug fix and enhancement update