-
Bug
-
Resolution: Unresolved
-
Undefined
-
rhel-10.0.beta
-
None
-
frr-9.1-7.el10
-
None
-
None
-
rhel-sst-cs-net-perf-services
-
ssg_core_services
-
20
-
1
-
False
-
-
None
-
None
-
Pass
-
Automated
-
None
While testing FRR in RHEL10, an unexpected AVC has re-appeared. This one has been fixed in RHEL9 but I must have forgotten to fix it in Fedora as well.
type=PROCTITLE msg=audit(05/27/2024 08:43:52.528:1093) : proctitle=/usr/bin/vtysh --config_dir /etc/frr -c configure -c ipv6 forwarding
type=PATH msg=audit(05/27/2024 08:43:52.528:1093) : item=0 name=/root/.history_frr inode=6345345 dev=ca:02 mode=file,600 ouid=root ogid=root rdev=00:00 obj=unconfined_u:object_r:admin_home_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(05/27/2024 08:43:52.528:1093) : cwd=/
type=SYSCALL msg=audit(05/27/2024 08:43:52.528:1093) : arch=x86_64 syscall=openat success=no exit=EACCES(Permission denied) a0=AT_FDCWD a1=0x562264b8e6c0 a2=O_WRONLY|O_APPEND a3=0x0 items=1 ppid=24664 pid=24671 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=vtysh exe=/usr/bin/vtysh subj=system_u:system_r:frr_t:s0 key=(null)
type=AVC msg=audit(05/27/2024 08:43:52.528:1093) : avc: denied { append } for pid=24671 comm=vtysh name=.history_frr dev="xvda2" ino=6345345 scontext=system_u:system_r:frr_t:s0 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file permissive=0
- links to
-
RHSA-2024:130900
frr bug fix and enhancement update
