-
Bug
-
Resolution: Done-Errata
-
Normal
-
rhel-9.4
-
selinux-policy-38.1.43-1.el9
-
None
-
None
-
rhel-sst-security-selinux
-
ssg_security
-
23
-
None
-
QE ack
-
False
-
-
No
-
None
-
Unspecified Release Note Type - Unknown
-
None
What were you trying to do that didn't work?
selinux-policy/Regression/systemd-pstore test
Please provide the package NVR for which bug is seen:
selinux-policy-38.1.35-2.el9_4.noarch
selinux-policy-devel-38.1.35-2.el9_4.noarch
selinux-policy-minimum-38.1.35-2.el9_4.noarch
selinux-policy-mls-38.1.35-2.el9_4.noarch
selinux-policy-targeted-38.1.35-2.el9_4.noarch
How reproducible:
every time
Steps to reproduce
- Execute /regression/systemd-pstore test
- inspect logs
Expected results
no failures
Actual results
https://artifacts.osci.redhat.com/testing-farm/9c4774a6-2eb3-4889-9c0c-7b443c6e57aa/
Test failureĀ :: real scenario – standalone service
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: Cleanup :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ 18:32:57 ] :: [ LOG ] :: rlSEAVCCheck: Search for AVCs, USER_AVCs, SELINUX_ERRs, and USER_SELINUX_ERRs since timestamp 'TIMESTAMP' [06/24/2024 18:32:24] ---- type=PROCTITLE msg=audit(06/24/2024 18:32:36.742:2420) : proctitle=/usr/lib/systemd/systemd-pstore type=PATH msg=audit(06/24/2024 18:32:36.742:2420) : item=0 name=/run/systemd/journal/socket inode=35 dev=00:17 mode=socket,666 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:syslogd_var_run_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 type=CWD msg=audit(06/24/2024 18:32:36.742:2420) : cwd=/ type=SOCKADDR msg=audit(06/24/2024 18:32:36.742:2420) : saddr=\{ saddr_fam=local path=/run/systemd/journal/socket } type=SYSCALL msg=audit(06/24/2024 18:32:36.742:2420) : arch=aarch64 syscall=connect success=no exit=EACCES(Permission denied) a0=0x3 a1=0xffffdeae4f18 a2=0x1e a3=0xffa5ef950020 items=1 ppid=1 pid=288863 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=systemd-pstore exe=/usr/lib/systemd/systemd-pstore subj=system_u:system_r:systemd_pstore_t:s0 key=(null) type=AVC msg=audit(06/24/2024 18:32:36.742:2420) : avc: denied \{ sendto } for pid=288863 comm=systemd-pstore path=/run/systemd/journal/socket scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:system_r:syslogd_t:s0 tclass=unix_dgram_socket permissive=0 ---- type=PROCTITLE msg=audit(06/24/2024 18:32:36.742:2421) : proctitle=/usr/lib/systemd/systemd-pstore type=PATH msg=audit(06/24/2024 18:32:36.742:2421) : item=0 name=/dev/kmsg inode=8 dev=00:05 mode=character,644 ouid=root ogid=root rdev=01:0b obj=system_u:object_r:kmsg_device_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 type=CWD msg=audit(06/24/2024 18:32:36.742:2421) : cwd=/ type=SYSCALL msg=audit(06/24/2024 18:32:36.742:2421) : arch=aarch64 syscall=openat success=no exit=EACCES(Permission denied) a0=AT_FDCWD a1=0xffa5f0a3d8e0 a2=O_WRONLY|O_NOCTTY|O_CLOEXEC a3=0x0 items=1 ppid=1 pid=288863 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=systemd-pstore exe=/usr/lib/systemd/systemd-pstore subj=system_u:system_r:systemd_pstore_t:s0 key=(null) type=AVC msg=audit(06/24/2024 18:32:36.742:2421) : avc: denied \{ write } for pid=288863 comm=systemd-pstore name=kmsg dev="devtmpfs" ino=8 scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:object_r:kmsg_device_t:s0 tclass=chr_file permissive=0 ---- type=PROCTITLE msg=audit(06/24/2024 18:32:36.742:2422) : proctitle=/usr/lib/systemd/systemd-pstore type=PATH msg=audit(06/24/2024 18:32:36.742:2422) : item=0 name=/run/systemd/journal/socket inode=35 dev=00:17 mode=socket,666 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:syslogd_var_run_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 type=CWD msg=audit(06/24/2024 18:32:36.742:2422) : cwd=/ type=SOCKADDR msg=audit(06/24/2024 18:32:36.742:2422) : saddr=\{ saddr_fam=local path=/run/systemd/journal/socket } type=SYSCALL msg=audit(06/24/2024 18:32:36.742:2422) : arch=aarch64 syscall=sendmsg success=no exit=EACCES(Permission denied) a0=0x3 a1=0xffffdeae4e40 a2=MSG_NOSIGNAL a3=0xffa5ef950020 items=1 ppid=1 pid=288863 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=systemd-pstore exe=/usr/lib/systemd/systemd-pstore subj=system_u:system_r:systemd_pstore_t:s0 key=(null) type=AVC msg=audit(06/24/2024 18:32:36.742:2422) : avc: denied \{ sendto } for pid=288863 comm=systemd-pstore path=/run/systemd/journal/socket scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:system_r:syslogd_t:s0 tclass=unix_dgram_socket permissive=0 ---- type=PROCTITLE msg=audit(06/24/2024 18:32:44.102:2429) : proctitle=/usr/lib/systemd/systemd-pstore type=PATH msg=audit(06/24/2024 18:32:44.102:2429) : item=0 name=/run/systemd/journal/socket inode=35 dev=00:17 mode=socket,666 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:syslogd_var_run_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 type=CWD msg=audit(06/24/2024 18:32:44.102:2429) : cwd=/ type=SOCKADDR msg=audit(06/24/2024 18:32:44.102:2429) : saddr=\{ saddr_fam=local path=/run/systemd/journal/socket } type=SYSCALL msg=audit(06/24/2024 18:32:44.102:2429) : arch=aarch64 syscall=connect success=no exit=EACCES(Permission denied) a0=0x3 a1=0xffffe124aae8 a2=0x1e a3=0xffeea9e78020 items=1 ppid=1 pid=289466 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=systemd-pstore exe=/usr/lib/systemd/systemd-pstore subj=system_u:system_r:systemd_pstore_t:s0 key=(null) type=AVC msg=audit(06/24/2024 18:32:44.102:2429) : avc: denied \{ sendto } for pid=289466 comm=systemd-pstore path=/run/systemd/journal/socket scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:system_r:syslogd_t:s0 tclass=unix_dgram_socket permissive=0 ---- type=PROCTITLE msg=audit(06/24/2024 18:32:44.102:2430) : proctitle=/usr/lib/systemd/systemd-pstore type=PATH msg=audit(06/24/2024 18:32:44.102:2430) : item=0 name=/dev/kmsg inode=8 dev=00:05 mode=character,644 ouid=root ogid=root rdev=01:0b obj=system_u:object_r:kmsg_device_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 type=CWD msg=audit(06/24/2024 18:32:44.102:2430) : cwd=/ type=SYSCALL msg=audit(06/24/2024 18:32:44.102:2430) : arch=aarch64 syscall=openat success=no exit=EACCES(Permission denied) a0=AT_FDCWD a1=0xffeeaaf658e0 a2=O_WRONLY|O_NOCTTY|O_CLOEXEC a3=0x0 items=1 ppid=1 pid=289466 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=systemd-pstore exe=/usr/lib/systemd/systemd-pstore subj=system_u:system_r:systemd_pstore_t:s0 key=(null) type=AVC msg=audit(06/24/2024 18:32:44.102:2430) : avc: denied \{ write } for pid=289466 comm=systemd-pstore name=kmsg dev="devtmpfs" ino=8 scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:object_r:kmsg_device_t:s0 tclass=chr_file permissive=0 ---- type=PROCTITLE msg=audit(06/24/2024 18:32:44.102:2431) : proctitle=/usr/lib/systemd/systemd-pstore type=PATH msg=audit(06/24/2024 18:32:44.102:2431) : item=0 name=/run/systemd/journal/socket inode=35 dev=00:17 mode=socket,666 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:syslogd_var_run_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 type=CWD msg=audit(06/24/2024 18:32:44.102:2431) : cwd=/ type=SOCKADDR msg=audit(06/24/2024 18:32:44.102:2431) : saddr=\{ saddr_fam=local path=/run/systemd/journal/socket } type=SYSCALL msg=audit(06/24/2024 18:32:44.102:2431) : arch=aarch64 syscall=sendmsg success=no exit=EACCES(Permission denied) a0=0x3 a1=0xffffe124aa10 a2=MSG_NOSIGNAL a3=0xffeea9e78020 items=1 ppid=1 pid=289466 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=systemd-pstore exe=/usr/lib/systemd/systemd-pstore subj=system_u:system_r:systemd_pstore_t:s0 key=(null) type=AVC msg=audit(06/24/2024 18:32:44.102:2431) : avc: denied \{ sendto } for pid=289466 comm=systemd-pstore path=/run/systemd/journal/socket scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:system_r:syslogd_t:s0 tclass=unix_dgram_socket permissive=0 :: [ 18:32:57 ] :: [ INFO ] :: rlSEAVCCheck: ignoring patterns: :: [ 18:32:57 ] :: [ INFO ] :: rlSEAVCCheck: type=USER_AVC.*received (policyload|setenforce) notice ---==============--- UNEXPECTED MESSAGES: type=AVC msg=audit(06/24/2024 18:32:36.742:2420) : avc: denied \{ sendto } for pid=288863 comm=systemd-pstore path=/run/systemd/journal/socket scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:system_r:syslogd_t:s0 tclass=unix_dgram_socket permissive=0 type=AVC msg=audit(06/24/2024 18:32:36.742:2421) : avc: denied \{ write } for pid=288863 comm=systemd-pstore name=kmsg dev="devtmpfs" ino=8 scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:object_r:kmsg_device_t:s0 tclass=chr_file permissive=0 type=AVC msg=audit(06/24/2024 18:32:36.742:2422) : avc: denied \{ sendto } for pid=288863 comm=systemd-pstore path=/run/systemd/journal/socket scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:system_r:syslogd_t:s0 tclass=unix_dgram_socket permissive=0 type=AVC msg=audit(06/24/2024 18:32:44.102:2429) : avc: denied \{ sendto } for pid=289466 comm=systemd-pstore path=/run/systemd/journal/socket scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:system_r:syslogd_t:s0 tclass=unix_dgram_socket permissive=0 type=AVC msg=audit(06/24/2024 18:32:44.102:2430) : avc: denied \{ write } for pid=289466 comm=systemd-pstore name=kmsg dev="devtmpfs" ino=8 scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:object_r:kmsg_device_t:s0 tclass=chr_file permissive=0 type=AVC msg=audit(06/24/2024 18:32:44.102:2431) : avc: denied \{ sendto } for pid=289466 comm=systemd-pstore path=/run/systemd/journal/socket scontext=system_u:system_r:systemd_pstore_t:s0 tcontext=system_u:system_r:syslogd_t:s0 tclass=unix_dgram_socket permissive=0 ---==============--- :: [ 18:32:57 ] :: [ FAIL ] :: Check there are no unexpected AVCs/ERRORs (Assert: expected 0, got 1) Redirecting to /bin/systemctl status systemd-pstore.service :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: Duration: 2s :: Assertions: 0 good, 1 bad :: RESULT: WARN (Cleanup)
- links to
-
RHBA-2024:130707 selinux-policy bug fix and enhancement update