-
Bug
-
Resolution: Unresolved
-
Normal
-
rhel-9.5
-
selinux-policy-38.1.42-1.el9
-
None
-
None
-
sst_security_selinux
-
ssg_security
-
21
-
None
-
QE ack
-
False
-
-
No
-
None
-
-
Pass
-
Automated
-
Unspecified Release Note Type - Unknown
-
-
x86_64
-
None
What were you trying to do that didn't work?
run beaker job on rhel-9.5, and some avc denies showing up on the job result page.
Job: https://beaker.engineering.redhat.com/recipes/16420849#task179637881
Please provide the package NVR for which bug is seen:
selinux-policy-38.1.40-1.el9.noarch
How reproducible:
always
Steps to reproduce
- install the host with rhel-9.5
Expected results
No avc check failures
Actual results
SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Memory protection checking: actual (secure) Max kernel policy version: 33 selinux-policy-38.1.40-1.el9.noarch ---- time->Tue Jun 25 19:49:26 2024 type=PROCTITLE msg=audit(1719359366.119:205): proctitle="(sd-parse-elf)" type=SYSCALL msg=audit(1719359366.119:205): arch=c000003e syscall=157 success=no exit=-1 a0=23 a1=8 a2=7ff9f3689000 a3=0 items=0 ppid=4168 pid=4188 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(sd-parse-elf)" exe="/usr/lib/systemd/systemd-coredump" subj=system_u:system_r:systemd_coredump_t:s0 key=(null) type=AVC msg=audit(1719359366.119:205): avc: denied { sys_resource } for pid=4188 comm="(sd-parse-elf)" capability=24 scontext=system_u:system_r:systemd_coredump_t:s0 tcontext=system_u:system_r:systemd_coredump_t:s0 tclass=capability permissive=0 ---- time->Tue Jun 25 19:49:26 2024 type=PROCTITLE msg=audit(1719359366.124:206): proctitle="(sd-parse-elf)" type=SYSCALL msg=audit(1719359366.124:206): arch=c000003e syscall=308 success=no exit=-1 a0=7 a1=20000 a2=fffffff7 a3=7ffd8cf96730 items=0 ppid=4168 pid=4188 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(sd-parse-elf)" exe="/usr/lib/systemd/systemd-coredump" subj=system_u:system_r:systemd_coredump_t:s0 key=(null) type=AVC msg=audit(1719359366.124:206): avc: denied { sys_admin } for pid=4188 comm="(sd-parse-elf)" capability=21 scontext=system_u:system_r:systemd_coredump_t:s0 tcontext=system_u:system_r:systemd_coredump_t:s0 tclass=capability permissive=0
- is duplicated by
-
RHEL-50012 [RHEL-9.5] SELinux: avc: denied { sys_chroot } for pid=3185 comm="(sd-parse-elf)"
- Closed
- links to
-
RHBA-2024:130707 selinux-policy bug fix and enhancement update