-
Bug
-
Resolution: Unresolved
-
Normal
-
rhel-10.0
-
None
-
None
-
sst_security_selinux
-
ssg_security
-
1
-
False
-
-
No
-
None
-
None
-
None
-
Unspecified Release Note Type - Unknown
-
-
x86_64
-
None
What were you trying to do that didn't work?
Please provide the package NVR for which bug is seen:
selinux-policy-40.13.9-1.el10.noarch
ipa-server-4.12.2-1.1.el10.x86_64
How reproducible: Always
Steps to reproduce
1. Performing ds-migration-functional tests
Expected results
Fix the AVC denials.
Actual results
selinux-policy-40.13.9-1.el10.noarch ---- time->Thu Oct 3 17:49:42 2024 type=PROCTITLE msg=audit(1727992182.622:3489): proctitle=28777367693A697061292020202020002D44464F524547524F554E44 type=PATH msg=audit(1727992182.622:3489): item=0 name="/usr/lib/systemd/system/dirsrv@.service" inode=1451794 dev=fc:03 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:dirsrv_unit_file_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 type=CWD msg=audit(1727992182.622:3489): cwd="/" type=SYSCALL msg=audit(1727992182.622:3489): arch=c000003e syscall=262 success=no exit=-13 a0=ffffff9c a1=7f3a270cda40 a2=7f3a25bfe420 a3=0 items=1 ppid=21518 pid=21525 auid=4294967295 uid=989 gid=988 euid=989 suid=989 fsuid=989 egid=988 sgid=988 fsgid=988 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1727992182.622:3489): avc: denied { getattr } for pid=21525 comm="httpd" path="/usr/lib/systemd/system/dirsrv@.service" dev="vda3" ino=1451794 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:dirsrv_unit_file_t:s0 tclass=file permissive=0
- clones
-
RHEL-46808 denied { getattr } for comm="httpd" path="/usr/lib/systemd/system/dirsrv@.service"
- Planning