Bug 1657281

Summary: USER_AVC denial between dbus-daemon and rhsmcertd_t
Product: Red Hat Enterprise Linux 8 Reporter: John Sefler <jsefler>
Component: selinux-policyAssignee: Lukas Vrabec <lvrabec>
Status: CLOSED ERRATA QA Contact: Milos Malik <mmalik>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: ernunes, khowell, lvrabec, mmalik, plautrba, ssekidde, zpytela
Target Milestone: rcKeywords: Triaged
Target Release: 8.1   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-11-05 22:09:45 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1673107    
Bug Blocks:    

Description John Sefler 2018-12-07 15:07:25 UTC
Description of problem:

The following was logged to /var/log/audit/audit.log during an automated test run.  Unfortunately I do not know the exact reproducer steps.  Please advise.

type=USER_AVC msg=audit(1544160457.712:22978): pid=737 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.2738 spid=21488 tpid=21485 scontext=system_u:system_r:rhsmcertd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:rpm_t:s0 tclass=dbus permissive=0 exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'UID="dbus" AUID="unset" SAUID="dbus"


Version-Release number of selected component (if applicable):
# rpm -q subscription-manager selinux-policy
subscription-manager-1.23.8-4.el8.aarch64
selinux-policy-3.14.1-48.el8.noarch


How reproducible:
unknown

Steps to Reproduce:
unknown

Actual results:


Expected results:


Additional info:

Comment 2 Kevin Howell 2019-01-07 15:41:45 UTC
No reliable reproducer (yet?).

Comment 11 errata-xmlrpc 2019-11-05 22:09:45 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:3547