Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-56385

Avc denial: ipc_lock systemd shutdown

XMLWordPrintable

    • No
    • None
    • sst_security_selinux
    • ssg_security
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None

      What were you trying to do that didn't work?

      Reboot call in test pipelines

      Please provide the package NVR for which bug is seen:

      selinux-policy-38.1.44-1.el9.noarch

      How reproducible:

      100%

      Steps to reproduce

      1. restraint reboot test calls rstrnt-reboot (ie. shutdown -r now)
      2.  
      3.  

      Expected results

      Reboot without avc failure captured in avc.log

      Actual results

      type=PROCTITLE msg=audit(1724354141.693:716): proctitle="/sbin/init"
type=SYSCALL msg=audit(1724354141.693:716): arch=c00000b7 syscall=230 success=no exit=-12 a0=3 a1=ffa0537e1000 a2=1 a3=0 items=0 ppid=868 pid=870 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-shutdow" exe="/usr/lib/systemd/systemd-shutdown" subj=system_u:system_r:qm_t:s0 key=(null)
type=AVC msg=audit(1724354141.693:716): avc:  denied  { ipc_lock } for  pid=870 comm="systemd-shutdow" capability=14  scontext=system_u:system_r:qm_t:s0 tcontext=system_u:system_r:qm_t:s0 tclass=capability permissive=0

            rhn-support-zpytela Zdenek Pytela
            rhn-support-bgrech Brian Grech
            Zdenek Pytela Zdenek Pytela
            SSG Security QE SSG Security QE
            Votes:
            0 Vote for this issue
            Watchers:
            10 Start watching this issue

              Created:
              Updated: