Bug 1321785

Summary: [SELinux] user_avc seen in audit logs while nfs-ganesha configuration -RHEL7
Product: Red Hat Enterprise Linux 7 Reporter: Shashank Raj <sraj>
Component: selinux-policyAssignee: Lukas Vrabec <lvrabec>
Status: CLOSED ERRATA QA Contact: Milos Malik <mmalik>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 7.2CC: jthottan, kkeithle, lvrabec, mgrepl, mmalik, mvadkert, ndevos, nlevinki, plautrba, pprakash, pvrabec, rhinduja, rhs-bugs, sashinde, skoduri, sraj, ssekidde, storage-qa-internal
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: selinux-policy-3.13.1-82.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1321781 Environment:
Last Closed: 2016-11-04 02:45:52 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1321781    

Comment 2 Lukas Vrabec 2016-06-22 15:51:47 UTC 
Hi Sraj, 
What is state of this issue? Can you still reproduce?
Comment 3 Shashank Raj 2016-06-24 09:49:24 UTC 
Yes Lukas,

I still below AVC's with the latest ganesha builds:

type=USER_AVC msg=audit(1466759986.564:3277): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc:  denied  { status } for auid=n/a uid=0 gid=0 cmdline="systemctl is-enabled corosync pacemaker pcsd" scontext=system_u:system_r:glusterd_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=system  exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'

type=USER_AVC msg=audit(1466759968.317:3273): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc:  denied  { status } for auid=n/a uid=0 gid=0 cmdline="systemctl is-enabled corosync pacemaker pcsd" scontext=system_u:system_r:glusterd_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=system  exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Comment 8 errata-xmlrpc 2016-11-04 02:45:52 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2283.html