Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-39350

[RHEL-10-beta] AVC avc: denied { map_read map_write } for pid=3123 comm="nfs-server-gene" scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=bpf permissive=0

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Undefined Undefined
    • None
    • rhel-10.0.beta
    • selinux-policy
    • None
    • None
    • None
    • sst_security_selinux
    • ssg_security
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • x86_64
    • None

      What were you trying to do that didn't work?

      May 30 02:26:43 rt-qe-07.lab.eng.rdu2.redhat.com audit[3123]: AVC avc:  denied  { map_read map_write } for  pid=3123 comm="nfs-server-gene" scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=bpf permissive=0
      May 30 02:26:43 rt-qe-07.lab.eng.rdu2.redhat.com audit[3123]: SYSCALL arch=c000003e syscall=59 success=yes exit=0 a0=55d36ecfb2e0 a1=7ffec7285930 a2=55d36e90c2e0 a3=ffffffff items=0 ppid=3121 pid=3123 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="nfs-server-gene" exe="/usr/lib/systemd/system-generators/nfs-server-generator" subj=system_u:system_r:nfsd_t:s0 key=(null)
      May 30 02:26:43 rt-qe-07.lab.eng.rdu2.redhat.com audit: EXECVE argc=4 a0="/usr/lib/systemd/system-generators/nfs-server-generator" a1="/run/systemd/generator" a2="/run/systemd/generator.early" a3="/run/systemd/generator.late" 

      Please provide the package NVR for which bug is seen:

      selinux-policy-40.13.1-1.el10.noarch

      How reproducible:

      always

      Steps to reproduce

      1. run https://gitlab.cee.redhat.com/kernel-qe/kernel/-/archive/master/kernel-master.tar.gz#rt-tests/env_test
      2.  
      3.  

      Expected results

      No avc_check failure

      Actual results

      https://beaker.engineering.redhat.com/recipes/16240182#task178362918

            rhn-support-zpytela Zdenek Pytela
            yinchang0124 Chang Yin
            Zdenek Pytela Zdenek Pytela
            SSG Security QE SSG Security QE
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: