Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-65361

avc: denied { watch } for pid=12142 comm="systemd-resolve" path="/run/dbus/system_bus_socket" dev="tmpfs"

XMLWordPrintable

    • No
    • None
    • rhel-sst-container-tools
    • 3
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None

      What were you trying to do that didn't work?

      podman tests ran into following avc:

      type=AVC msg=audit(1730290455.514:407): avc: denied { watch } for pid=12142 comm="systemd-resolve" path="/run/dbus/system_bus_socket" dev="tmpfs" ino=104 scontext=system_u:system_r:container_init_t:s0:c953,c1015 tcontext=system_u:object_r:container_file_t:s0:c953,c1015 tclass=sock_file permissive=0

      https://datawarehouse.cki-project.org/kcidb/tests/redhat:brew-65541044-s390x-kernel_upt_13

      So far only single instance.

      Please provide the package NVR for which the bug is seen:

      kernel-6.11.0-27.el10

      Steps to reproduce

      1. run https://gitlab.com/redhat/centos-stream/tests/kernel/kernel-tests/-/tree/production/container/podman

      Expected results

      no avc

      Actual results

      avc

              lmandvek Lokesh Mandvekar
              jstancek@redhat.com Jan Stancek
              Container Runtime Eng Bot Container Runtime Eng Bot
              Container Runtime Bugs Bot Container Runtime Bugs Bot
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: