- Bug
- Resolution: Unresolved
- Normal
- rhel-9.6
- Yes
- Low
- TestCaseProvided
- rhel-security-selinux
- ssg_security
- Red Hat Enterprise Linux
- All
A customer noticed that fapolicyd was dying with an error when reloading its database.
It occurs every time after fapolicyd-cli --check-trustdb was executed, as shown in the reproducer below:
    # fapolicyd-cli --check-trustdb
    # fapolicyd-cli --update
Result:
    [...] fapolicyd[22158]: 05/26/2025 08:40:14 [ INFO ]: It looks like there was an update of the system... Syncing DB.
    [...] fapolicyd[22158]: 05/26/2025 08:40:14 [ DEBUG ]: backend rpmdb registered
    [...] fapolicyd[22158]: 05/26/2025 08:40:14 [ DEBUG ]: backend file registered
    [...] fapolicyd[22158]: 05/26/2025 08:40:14 [ INFO ]: Loading rpmdb backend
    [...] fapolicyd[22158]: 05/26/2025 08:40:15 [ DEBUG ]: Loading file backend
    [...] fapolicyd[22158]: 05/26/2025 08:40:15 [ INFO ]: Updating trust database
    [...] fapolicyd[22158]: 05/26/2025 08:40:15 [ DEBUG ]: Loading trust database backends
    [...] fapolicyd[22158]: 05/26/2025 08:40:15 [ ERROR ]: Cannot delete database (1)
    [...] fapolicyd[22158]: 05/26/2025 08:40:15 [ ERROR ]: Cannot update trust database!
    [...] systemd[1]: fapolicyd.service: Main process exited, code=exited, status=1/FAILURE
Error 1 is returned by the delete_all_entries_db() function, on line 579:
    573 static int delete_all_entries_db()
    574 {
    575     int rc = 0;
    576     MDB_txn *txn;
    577
    578     if (mdb_txn_begin(env, NULL, 0, &txn))
    579         return 1;
      :
This is due to the liblmdb function call on line 578 failing with EINVAL, as seen with systemtap tracing:
    0 fapolicyd(22159):->mdb_txn_begin env=0x56299dc08ce0 parent=0x0 flags=0x0 ret=0x7f70471fc470
    14 fapolicyd(22159): ->mdb_txn_renew0 txn=0x56299dc09ec0
    127 fapolicyd(22159): ->mdb_mutex_failed env=0x56299dc08ce0 mutex=0x7f704b3c0040 rc=0x16
    132 fapolicyd(22159): <-mdb_mutex_failed return=0x16
    134 fapolicyd(22159): <-mdb_txn_renew0 return=0x16
    135 fapolicyd(22159):<-mdb_txn_begin return=0x16
This occurs when the mdb mutex is grabbed.
liblmdb is not compiled with debugging support, but it seems the error occurs because the previous mutex owner (fapolicyd-cli --check-trustdb) didn't release the lock, but I'm not sure about this for now.
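A detection sketch for the failure signature in the journal excerpt above, added here as an example (it is not part of the original report or of fapolicyd): it flags a trust database update failure and records whether systemd then reported the daemon's main process as exited. The function name `find_trustdb_crashes` and the sample lines are constructed for illustration.

```python
import re

# Constructed sample modelled on the journal excerpt in the report
# (the host/timestamp prefix is elided as "[...]", as on the page).
SAMPLE = """\
[...] fapolicyd[22158]: 05/26/2025 08:40:15 [ INFO ]: Updating trust database
[...] fapolicyd[22158]: 05/26/2025 08:40:15 [ DEBUG ]: Loading trust database backends
[...] fapolicyd[22158]: 05/26/2025 08:40:15 [ ERROR ]: Cannot delete database (1)
[...] fapolicyd[22158]: 05/26/2025 08:40:15 [ ERROR ]: Cannot update trust database!
[...] systemd[1]: fapolicyd.service: Main process exited, code=exited, status=1/FAILURE
"""

FAPOLICYD = re.compile(
    r"fapolicyd\[(?P<pid>\d+)\]: (?P<ts>\S+ \S+) \[ (?P<level>\w+) \]: (?P<msg>.*)$")
DELETE_FAIL = re.compile(r"Cannot delete database \((?P<rc>-?\d+)\)")
UPDATE_FAIL = "Cannot update trust database!"
UNIT_EXIT = re.compile(
    r"systemd\[1\]: fapolicyd\.service: Main process exited, .*status=(?P<status>\S+)")


def find_trustdb_crashes(lines):
    """Return one finding per failed trust database update."""
    findings, delete_rc = [], {}      # delete_rc: pid -> code from "Cannot delete"
    for line in lines:
        m = FAPOLICYD.search(line)
        if m and m["level"] == "ERROR":
            d = DELETE_FAIL.search(m["msg"])
            if d:
                delete_rc[m["pid"]] = int(d["rc"])
            elif UPDATE_FAIL in m["msg"]:
                findings.append({"pid": int(m["pid"]), "time": m["ts"],
                                 "delete_rc": delete_rc.pop(m["pid"], None),
                                 "daemon_exited": False, "exit_status": None})
            continue
        # The systemd line carries no daemon PID, so it is attributed to the
        # most recent update failure that has no exit recorded yet.
        u = UNIT_EXIT.search(line)
        if u and findings and not findings[-1]["daemon_exited"]:
            findings[-1]["daemon_exited"] = True
            findings[-1]["exit_status"] = u["status"]
    return findings


if __name__ == "__main__":
    for finding in find_trustdb_crashes(SAMPLE.splitlines()):
        print(finding)
```

A finding with `daemon_exited` set means the allowlisting daemon is no longer running on that host until the service is restarted.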