-
Bug
-
Resolution: Unresolved
-
Major
-
rhel-9.7.z
-
selinux-policy-38.1.59-1.el9
-
No
-
Important
-
1
-
rhel-security-selinux
-
ssg_security
-
20
-
1
-
False
-
False
-
-
No
-
SELINUX 250716: 9
-
-
Pass
-
RegressionOnly
-
Release Note Not Required
-
Unspecified
-
Unspecified
-
Unspecified
-
-
All
-
None
What were you trying to do that didn't work?
Install the coreos-installer-bootinfra package
What is the impact of this issue to you?
It is causing a failure during the coreos-installer CI in the osci.installability
Please provide the package NVR for which the bug is seen:
selinux-policy-targeted-38.1.57-1.el9.noarch
How reproducible is this bug?:
Install coreos-installer-bootinfra package on a rhel which contains selinux-policy-targeted version 38.1.57-1
Steps to reproduce
- execute:
dnf install coreos-installer-bootinfra
- execute:
ausearch -m avc --raw | audit2why
You should see:
type=AVC msg=audit(1749151126.017:83): avc: denied { search } for pid=4343 comm="coreos-installe" name="sss" dev="vda4" ino=1037 scontext=system_u:system_r:coreos_installer_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=1
Expected results
Do not see an avc denied in the audit logs.
Actual results
type=AVC msg=audit(1749151126.017:83): avc: denied { search } for pid=4343 comm="coreos-installe" name="sss" dev="vda4" ino=1037 scontext=system_u:system_r:coreos_installer_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=1
- is depended on by
-
COS-2286 Add gating test for coreos-installer
-
- Review
-
- links to
-
RHBA-2025:148008
selinux-policy bug fix and enhancement update