Bug 1925305
| Summary: | AVC error: scontext=system_u:system_r:rhsmcertd_t:s0 | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Rick Alongi <ralongi> |
| Component: | selinux-policy | Assignee: | Zdenek Pytela <zpytela> |
| Status: | CLOSED DUPLICATE | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 8.4 | CC: | lvrabec, mmalik, plautrba, ssekidde |
| Target Milestone: | rc | ||
| Target Release: | 8.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | No Doc Update | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-02-04 20:40:55 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** This bug has been marked as a duplicate of bug 1923985 *** |
Description of problem: Observed AVC error scontext=system_u:system_r:rhsmcertd_t:s0 when running automated beaker test Version-Release number of selected component (if applicable): kernel: 4.18.0-280.el8.x86_64 selinux-policy-3.14.3-62.el8.noarch selinux-policy-targeted-3.14.3-62.el8.noarch How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: AVC error observed Expected results: No AVC error Additional info: SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Memory protection checking: actual (secure) Max kernel policy version: 33 selinux-policy-3.14.3-62.el8.noarch ---- time->Thu Feb 4 09:19:25 2021 type=PROCTITLE msg=audit(1612448365.116:671): proctitle=2F7573722F6C6962657865632F706C6174666F726D2D707974686F6E002F7573722F6C6962657865632F7268736D63657274642D776F726B6572 type=SYSCALL msg=audit(1612448365.116:671): arch=c000003e syscall=49 success=no exit=-13 a0=7 a1=7fff504ad4c0 a2=1c a3=31 items=0 ppid=1231 pid=60128 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="rhsmcertd-worke" exe="/usr/libexec/platform-python3.6" subj=system_u:system_r:rhsmcertd_t:s0 key=(null) type=AVC msg=audit(1612448365.116:671): avc: denied { node_bind } for pid=60128 comm="rhsmcertd-worke" saddr=::1 scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:object_r:node_t:s0 tclass=tcp_socket permissive=0 sosreport: http://netqe-infra01.knqe.lab.eng.bos.redhat.com/sosreports/sosreport-netqe20-2021-02-04-fpmjtwk.tar.xz beaker job: https://beaker.engineering.redhat.com/jobs/5068547