-
Bug
-
Resolution: Unresolved
-
Normal
-
rhel-10.0.beta
-
selinux-policy-40.13.10-1.el10
-
No
-
Important
-
FutureFeature
-
1
-
sst_security_selinux
-
ssg_security
-
9
-
1
-
QE ack
-
False
-
-
No
-
Red Hat Enterprise Linux
-
SELINUX 241016 - 241106
-
-
Pass
-
Automated
-
Unspecified Release Note Type - Unknown
-
None
What were you trying to do that didn't work?
No SELinux label for /dev/sgx* devices.
Please provide the package NVR for which bug is seen:
selinux-policy-38.1.35-2.el9_4.2.noarch
selinux-policy-targeted-38.1.35-2.el9_4.2.noarch
How reproducible:
Always.
Steps to reproduce
- Install RHEL9.4 on a system whose CPU with sgx support.
- Run the command `find /dev -context :device_t: ( -type c -o -type b ) -printf "%p %Z\n"` as root
Expected results
All devices should be properly labeled.
Actual results
Get the following result:
/dev/sgx_vepc system_u:object_r:device_t:s0
/dev/sgx_provision system_u:object_r:device_t:s0
- clones
-
RHEL-50922 Need to label the /dev/sgx* devices.
- Release Pending
- links to
-
RHBA-2024:130707 selinux-policy bug fix and enhancement update
-
RHBA-2024:140162 selinux-policy bug fix and enhancement update
(1 links to)