-
Bug
-
Resolution: Won't Do
-
Minor
-
None
-
rhel-9.5
-
No
-
Low
-
rhel-security-selinux
-
ssg_security
-
None
-
QE ack
-
False
-
False
-
-
No
-
None
-
-
None
-
Automated
-
Unspecified Release Note Type - Unknown
-
-
All
-
None
What were you trying to do that didn't work?
What is the impact of this issue to you?
The test scenario works as expected, but the SELinux denial appears.
Please provide the package NVR for which the bug is seen:
mimedefang-3.4.1-1.el9.x86_64
selinux-policy-38.1.44-1.el9.noarch
selinux-policy-devel-38.1.44-1.el9.noarch
selinux-policy-targeted-38.1.44-1.el9.noarch
spamassassin-3.4.6-6.el9.x86_64
How reproducible is this bug?:
always
Steps to reproduce
- get a RHEL-9.5 machine (targeted policy is active)
- install the mimedefang package (comes from EPEL)
- run the following automated test: /CoreOS/selinux-policy/Regression/bz499701-spamd-dies-if-kill-HUP
- search for SELinux denials
Expected results
no SELinux denials
Actual results
---- type=USER_AVC msg=audit(09/18/2024 02:41:36.362:404) : pid=1 uid=root auid=unset ses=unset subj=system_u:system_r:init_t:s0 msg='avc: denied { status } for auid=unset uid=root gid=root path=/usr/lib/systemd/system/mimedefang.service cmdline="" function="mac_selinux_filter" scontext=system_u:system_r:spamd_update_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=service permissive=0 exe=/usr/lib/systemd/systemd sauid=root hostname=? addr=? terminal=?' ----
- links to
