RHEL-32370

pmie_daily.service and pmlogger_daily.service are triggering selinux AVCs

    • Bug
    • Resolution: Done-Errata
    • Normal
    • rhel-9.5
    • rhel-9.5
    • pcp
    • None
    • pcp-6.2.2-1.el9
    • None
    • Moderate
    • 1
    • rhel-sst-pt-pcp
    • ssg_platform_tools
    • 22
    • 1
    • QE ack, Dev ack
    • False
    • No
    • Red Hat Enterprise Linux
    • PCP Sprint 5
    • Unspecified Release Note Type - Unknown
    • All
    • None

      What were you trying to do that didn't work?

      When pmie_daily.service and pmlogger_daily.service are triggered by the systemd timer, SELinux AVCs are reported.

      Please provide the package NVR for which bug is seen:

      pcp-6.2.1-1.el9

      How reproducible:

      Always on all architectures

      Steps to reproduce

      1. Install pcp-6.2.1-1.el9 and wait until 00:10:00 local time (10 minutes after midnight)
      2. Check for AVCs
        # audit2allow -a

      Expected results

      No AVC is reported

      Actual results

      The following AVCs are reported:

      # audit2allow -a
      #============= pcp_pmie_t ==============
      allow pcp_pmie_t systemd_unit_file_t:service status;
      #============= pcp_pmlogger_t ==============
      allow pcp_pmlogger_t systemd_unit_file_t:service status;
      
      # ausearch -m USER_AVC
      ----
      time->Thu Apr 11 00:09:30 2024
      type=USER_AVC msg=audit(1712808570.711:12920): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc:  denied  { status } for auid=n/a uid=987 gid=987 path="/usr/lib/systemd/system/local-fs.target" cmdline="systemctl -q is-active local-fs.target" function="mac_selinux_filter" scontext=system_u:system_r:pcp_pmie_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=service permissive=1 exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
      ----
      time->Thu Apr 11 00:09:31 2024
      type=USER_AVC msg=audit(1712808571.788:12927): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc:  denied  { status } for auid=n/a uid=987 gid=987 path="/usr/lib/systemd/system/local-fs.target" cmdline="systemctl -q is-active local-fs.target" function="mac_selinux_filter" scontext=system_u:system_r:pcp_pmlogger_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=service permissive=1 exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
      

              nathans@redhat.com Nathan Scott
              jkurik@redhat.com Jan Kurik
              pcp-maint pcp-maint
              Jan Kurik Jan Kurik
              Jacob Valdez Jacob Valdez (Inactive)
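The following is an added triage example, not part of the original report and not code from the pcp or audit projects. It parses USER_AVC records like the two above into caller domain, target type, class, permission and triggering command, and notes whether the denial was enforced or only logged (`permissive=1`). The names `parse_user_avc` and `summarize` are hypothetical, and the sample input is the report's two records with some fields trimmed.

```python
import re
from collections import defaultdict

# Sample input: the two USER_AVC records from this report, with the
# auid/ses/sauid/hostname/addr/terminal fields trimmed for width.
SAMPLE = """\
type=USER_AVC msg=audit(1712808570.711:12920): pid=1 uid=0 subj=system_u:system_r:init_t:s0 msg='avc:  denied  { status } for auid=n/a uid=987 gid=987 path="/usr/lib/systemd/system/local-fs.target" cmdline="systemctl -q is-active local-fs.target" function="mac_selinux_filter" scontext=system_u:system_r:pcp_pmie_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=service permissive=1 exe="/usr/lib/systemd/systemd"'
type=USER_AVC msg=audit(1712808571.788:12927): pid=1 uid=0 subj=system_u:system_r:init_t:s0 msg='avc:  denied  { status } for auid=n/a uid=987 gid=987 path="/usr/lib/systemd/system/local-fs.target" cmdline="systemctl -q is-active local-fs.target" function="mac_selinux_filter" scontext=system_u:system_r:pcp_pmlogger_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=service permissive=1 exe="/usr/lib/systemd/systemd"'
"""

DENIED_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_user_avc(line):
    """Return a dict for one USER_AVC denial, or None for anything else."""
    denied = DENIED_RE.search(line)
    if not line.startswith("type=USER_AVC") or denied is None:
        return None
    # Only read key=value pairs after "denied { ... }", so the outer
    # record's pid/uid/subj (systemd itself) are not confused with the caller.
    fields = {k: v.strip("\"'") for k, v in FIELD_RE.findall(line[denied.end():])}
    try:
        return {
            "source": fields["scontext"].split(":")[2],  # SELinux type of caller
            "target": fields["tcontext"].split(":")[2],  # type of the unit file
            "tclass": fields["tclass"],
            "perms": denied.group(1).split(),
            "cmdline": fields.get("cmdline", ""),
            "permissive": fields.get("permissive") == "1",
        }
    except (KeyError, IndexError):
        return None  # truncated or malformed record

def summarize(text):
    """Group denials by (source, target, class) with perms and commands seen."""
    groups = defaultdict(lambda: {"perms": set(), "cmdlines": set(), "enforced": False})
    for line in text.splitlines():
        rec = parse_user_avc(line.strip())
        if rec:
            g = groups[(rec["source"], rec["target"], rec["tclass"])]
            g["perms"].update(rec["perms"])
            g["cmdlines"].add(rec["cmdline"])
            g["enforced"] |= not rec["permissive"]
    return dict(groups)

if __name__ == "__main__":
    for (src, tgt, cls), g in sorted(summarize(SAMPLE).items()):
        state = "blocked" if g["enforced"] else "logged only (permissive)"
        print(f"{src} -> {tgt}:{cls} {sorted(g['perms'])} {state} via {sorted(g['cmdlines'])}")
```

On the sample, both groups resolve to the same `systemctl -q is-active local-fs.target` call and to `permissive=1`, so the status query was logged rather than blocked on the reporting host.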