RHEL-47471

Unexpected SELinux alert httpd+suexec: avc: denied { unlink } for pid=1 comm="systemd" name=".UUID_NODEID"

    • Bug
    • Resolution: Unresolved
    • Minor
    • rhel-9.4
    • httpd
    • Low
    • rhel-sst-cs-stacks
    • ssg_core_services
    • Red Hat Enterprise Linux
    • All

      What were you trying to do that didn't work?

      Found the following alerts in the log; the trigger is still unknown:

      type=AVC msg=audit(1720809972.614:46163): avc:  denied  { unlink } for  pid=1 comm="systemd" name=".UUID_NODEID" dev="dm-0" ino=9926603 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:httpd_suexec_tmp_t:s0 tclass=file permissive=0

      type=AVC msg=audit(1720809972.615:46164): avc:  denied  { unlink } for  pid=1 comm="systemd" name=".UUID_STATE" dev="dm-0" ino=9972930 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:httpd_suexec_tmp_t:s0 tclass=file permissive=0

      Please provide the package NVR for which the bug is seen:

      selinux-policy-targeted-38.1.35-2.el9_4.2.noarch

      httpd-2.4.57-8.el9.x86_64

      systemd-252-32.el9_4.alma.1.x86_64

      How reproducible:

      Unclear so far

      Steps to reproduce

      Unknown, but the server has suexec active for some virtual hosts

      Expected results

      No such SELinux alerts

      Actual results

      SELinux alerts

              luhliari@redhat.com Lubos Uhliarik
              pb_bieringer Peter Bieringer (Inactive)
              rhel-cs-infra-services-qe
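A triage aid for the two AVC records quoted in the ticket, added here as an example and not part of the original report or of any Red Hat tooling: it parses each denial and groups records by the (source type, target type, class, permissions) tuple that a policy rule would be written against. The function names `parse_avc` and `summarize` are hypothetical; the sample lines are copied verbatim from the ticket.

```python
import re
from collections import defaultdict

# The two records quoted in the ticket, copied verbatim.
SAMPLE = """\
type=AVC msg=audit(1720809972.614:46163): avc:  denied  { unlink } for  pid=1 comm="systemd" name=".UUID_NODEID" dev="dm-0" ino=9926603 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:httpd_suexec_tmp_t:s0 tclass=file permissive=0
type=AVC msg=audit(1720809972.615:46164): avc:  denied  { unlink } for  pid=1 comm="systemd" name=".UUID_STATE" dev="dm-0" ino=9972930 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:httpd_suexec_tmp_t:s0 tclass=file permissive=0
"""

# Header: audit timestamp, serial number, denied permission set, then key=value fields.
HEAD = re.compile(r'type=AVC msg=audit\((\d+\.\d+):(\d+)\): avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict for one AVC denial record, or None if the line is not one."""
    m = HEAD.match(line.strip())
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in FIELD.findall(m.group(4))}
    rec["time"] = float(m.group(1))
    rec["serial"] = int(m.group(2))
    rec["perms"] = m.group(3).split()
    # A context is user:role:type:level; policy rules are written against the type.
    rec["source_type"] = rec["scontext"].split(":")[2]
    rec["target_type"] = rec["tcontext"].split(":")[2]
    return rec

def summarize(text):
    """Group denials by (source type, target type, class, perms) -> sorted object names."""
    groups = defaultdict(set)
    for line in text.splitlines():
        rec = parse_avc(line)
        if rec:
            key = (rec["source_type"], rec["target_type"], rec["tclass"], tuple(rec["perms"]))
            groups[key].add(rec.get("name", "?"))
    return {k: sorted(v) for k, v in groups.items()}

if __name__ == "__main__":
    for (src, tgt, cls, perms), names in summarize(SAMPLE).items():
        print(f"{src} -> {tgt}:{cls} {{ {' '.join(perms)} }} on {names}")
```

Both records collapse to a single tuple, and `permissive=0` in each means the unlink was actually blocked rather than only logged.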