We have a number of RH9.4 hosts with the DISA STIG Profile ... all of which suffer from this malfunction.

What were you trying to do that didn't work?

Install / update 3rd party RPMs ... which triggered the fapolicyd to say

Jul 15 14:35:29 helpdesk fapolicyd[1558]: It looks like there was an update of the system... Syncing DB.

but never return ... effectively "killing" the machine.

Jul 15 14:38:36 helpdesk kernel: INFO: task fapolicyd:1682 blocked for more than 122 seconds.

Jul 15 14:38:36 helpdesk kernel:       Tainted: G    B      O      -------  ---  5.14.0-427.24.1.el9_4.x86_64 #1

Jul 15 14:38:36 helpdesk kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.

Jul 15 14:38:36 helpdesk kernel: task:fapolicyd       state stack:0     pid:1682  ppid:1      flags:0x00004002

Please provide the package NVR for which bug is seen:

fapolicyd-1.3.2-100.el9.x86_64

How reproducible:

Easily ... but only with a handful of 3rd party RPMs

Steps to reproduce

1. Install problematic package, e.g.,
   1. Trellix McAfeeESPFileAccess
   2. Trellix McAfeeESPAac
   3. DISA Device Attribute Tagging Tool (DATT)
   4. Dell OM-iSM-Dell-Web-LX-5300-3289_A00.tar.gz

1. 1. 1. Available here:  https://www.dell.com/support/home/en-us/drivers/driversdetails?driverid=p0dr5
2. About 3 outta 4 times ... the RH9 host will hang because fapolicyd has itself hung

Expected results

Successful installation, no fapolicyd hang

Actual results

fapolicyd hangs ... the machine will no longer allow logins ... and has to be power cycled.