Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-84905

systemd not starting service in permissive mode if mislabeled

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • CentOS Stream 10, rhel-10.0
    • systemd
    • None
    • No
    • Moderate
    • rhel-sst-cs-plumbers
    • ssg_core_services
    • 5
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      What were you trying to do that didn't work?

      Start a service with selinux set to permissive mode.

      What is the impact of this issue to you?

      We are not able to create CentOS Stream 10 images with the latest selinux-policy

      Please provide the package NVR for which the bug is seen:

      systemd-257-9.el10

      How reproducible is this bug?:

      100%

      Steps to reproduce

      1. Set the machine to permissive mode (setenforce 0)
      2. Have a service, whose startup files are labeled with a label not known to the system.
      3. Start that service with systemctl (systemctl start foo.service)

      Expected results

      The service should start, with a log that says that it is improperly labeled.

      Actual results

      The service fails with the error "Failed to determine SELinux label"

              msekleta@redhat.com Michal Sekletar
              tdawson@redhat.com Troy Dawson
              systemd maint mailing list systemd maint mailing list
              Frantisek Sumsal Frantisek Sumsal
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: