Bug 1679468
| Summary: | avc: denied { signull } for comm="systemd-journal" | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Martin Pitt <mpitt> |
| Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> |
| Status: | CLOSED DUPLICATE | QA Contact: | Milos Malik <mmalik> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 8.0 | CC: | lvrabec, mgrepl, mmalik, plautrba, ssekidde, zpytela |
| Target Milestone: | rc | Keywords: | Regression |
| Target Release: | 8.0 | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-02-21 09:08:35 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** This bug has been marked as a duplicate of bug 1676923 *** |
Description of problem: A *very* recent update in RHEL 8.0 nightlies now causes the following SELinux violation variations at every boot: avc: denied { signull } for pid=580 comm="systemd-journal" scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=process permissive=0 avc: denied { signull } for pid=580 comm="systemd-journal" scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=process permissive=0 avc: denied { signull } for pid=580 comm="systemd-journal" scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tclass=process permissive=0 avc: denied { signull } for pid=580 comm="systemd-journal" scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:system_r:sssd_t:s0 tclass=process permissive=0 avc: denied { signull } for pid=580 comm="systemd-journal" scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:system_r:systemd_logind_t:s0 tclass=process permissive=0 avc: denied { signull } for pid=580 comm="systemd-journal" scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:system_r:systemd_machined_t:s0 tclass=process permissive=0 avc: denied { signull } for pid=580 comm="systemd-journal" scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tclass=process permissive=0 Version-Release number of selected component (if applicable): selinux-policy-targeted-3.14.1-60.el8.noarch systemd-239-4.el8.x86_64 kernel 4.18.0-69.el8 How reproducible: Always Steps to Reproduce: 1. Boot current nightly Additional info: Our previously built image from February 14 did not have that problem. Same systemd version, but selinux-policy version was 3.14.1-59.el8.noarch, and kernel at 4.18.0-67. So the regression is likely between the two latter.