Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-94536

File /run/fapolicyd differs from RPM expectations

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • rhel-10.1
    • rhel-9.5
    • fapolicyd
    • None
    • fapolicyd-1.3.3-105.el10
    • Yes
    • Low
    • 1
    • rhel-security-special-projects
    • ssg_security
    • 1
    • QE ack, Dev ack
    • False
    • False
    • Hide

      None

      Show
      None
    • Yes
    • SECENGSP Cycle 24
    • Release Note Not Required
    • None

      What were you trying to do that didn't work?

      During our work on RHEL Image Mode Compliance, we have discovered an issue with "/run/fapolicyd" file mode and groupownership. However, the issue is also present in a normal RHEL (not image mode).

      What is the impact of this issue to you?

      This problem will be flagged by OpenSCAP scans of profiles that contain rule "rpm_verify_permissions".

      Please provide the package NVR for which the bug is seen:

      fapolicyd-1.3.3-100.el9.x86_64

      How reproducible is this bug?:

      deterministic

      Steps to reproduce

      1.  dnf -y install fapolicyd
      2. systemctl enable --now fapolicyd
      3. rpm -V fapolicyd

      Expected results

      the file /run/fapolicyd doesn't differ from RPM expectation

      Actual results

      rpm -V fapolicyd

      .M....G..    /run/fapolicyd

              rsroka@redhat.com Radovan Sroka (Inactive)
              jcerny@redhat.com Jan Cerny
              Natália Bubáková Natália Bubáková
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: