Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: Generate New Ti...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Normal
Fix Version/s: rhel-9.7
Affects Version/s: rhel-9.6
Component/s: selinux-policy
Labels:
None

Fixed in Build:
selinux-policy-38.1.57-1.el9
Regression:
No
Severity:
Low
Epic Link:
SELINUX-3824
sprint_count:
1

AssignedTeam:
rhel-security-selinux
Sub-System Group:

ssg_security

Internal Target Milestone:
15
Story Points:
1
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
No
Sprint:
SELINUX 250604: 7

Acceptance Criteria:

Hide

The reproducer does not trigger SELinux denials.

Show
The reproducer does not trigger SELinux denials.
Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/148008
Test Coverage:

Automated

Release Note Type:
Release Note Not Required
ProdDocsReview-CCS:
Unspecified
ProdDocsReview-Dev:
Unspecified
ProdDocsReview-QE:
Unspecified

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

The following AVC is shown during NetworkManager-ci test no_uuid_in_keyfile_in_usr_lib_dir.

Affected Versions:

NetworkManager-1.52.0-1.el9_6.x86_64
selinux-policy-38.1.53-2.el9.noarch

----
time->Sun Apr 6 06:13:33 2025 type=PROCTITLE msg=audit(1743934413.508:5735): proctitle=2F7573722F7362696E2F4E6574776F726B4D616E61676572002D2D6E6F2D6461656D6F6E type=SYSCALL msg=audit(1743934413.508:5735): arch=c00000b7 syscall=36 success=no exit=-13 a0=aaaab849cbd8 a1=ffffffffffffff9c a2=aaaab8f453f0 a3=c items=0 ppid=1 pid=510435 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="NetworkManager" exe="/usr/sbin/NetworkManager" subj=system_u:system_r:NetworkManager_t:s0 key=(null) type=AVC msg=audit(1743934413.508:5735): avc: denied { create } for pid=510435 comm="NetworkManager" name="e67e0f3e-2f92-366c-a47e-07d1af9c7cbe.nmmeta~" scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:NetworkManager_etc_rw_t:s0 tclass=lnk_file permissive=0 
----
time->Sun Apr 6 06:13:33 2025 type=PROCTITLE msg=audit(1743934413.508:5736): proctitle=2F7573722F7362696E2F4E6574776F726B4D616E61676572002D2D6E6F2D6461656D6F6E type=SYSCALL msg=audit(1743934413.508:5736): arch=c00000b7 syscall=36 success=no exit=-13 a0=aaaab849cbd8 a1=ffffffffffffff9c a2=aaaab8f61000 a3=c items=0 ppid=1 pid=510435 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="NetworkManager" exe="/usr/sbin/NetworkManager" subj=system_u:system_r:NetworkManager_t:s0 key=(null) type=AVC msg=audit(1743934413.508:5736): avc: denied { create } for pid=510435 comm="NetworkManager" name="e67e0f3e-2f92-366c-a47e-07d1af9c7cbe.nmmeta~" scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:NetworkManager_var_run_t:s0 tclass=lnk_file permissive=0

links to

github pr

RHBA-2025:148008 selinux-policy bug fix and enhancement update

TCMS Test Case 105820

Assignee:: Zdenek Pytela

Reporter:: Filip Pokryvka

Developer:: Zdenek Pytela

QA Contact:: Milos Malik

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2025/04/07 5:40 AM

Updated:: 2025/11/11 10:35 AM

Resolved:: 2025/11/11 10:35 AM

Target end:: 2025/06/09

Next Planned Release Date:: 2025/11/11

Release Date:: 2025/11/11

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates