Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 2000044

Summary: RHVH 4.3.18: AVC denied errors (sendto) in audit.log after register to engine
Product: Red Hat Enterprise Virtualization Manager Reporter: cshao <cshao>
Component: redhat-virtualization-hostAssignee: Sanja Bonic <sanja>
Status: CLOSED DEFERRED QA Contact: cshao <cshao>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.3.11CC: arachman, cshao, dholler, lsvaty, lveyde, mavital, michal.skrivanek, mtessun, peyu, sanja, sbonazzo, shlei, weiwang, yaniwang
Target Milestone: ---Keywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1778038 Environment:
Last Closed: 2021-09-01 10:25:24 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Node RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1778038    
Bug Blocks:    

Description cshao 2021-09-01 09:24:42 UTC 
+++ This bug was initially created as a clone of Bug #1778038 +++

Description of problem:
RHVH 4.3.18: AVC denied errors (sendto) in audit.log after register to engine

Version-Release number of selected component (if applicable):
RHVH-4.3-20210831.0-RHVH-x86_64-dvd1.iso

How reproducible:
100%

Steps to Reproduce:
1.RHVH-4.3-20210831.0-RHVH-x86_64-dvd1.iso installed successful. selinux in enforcing mode as default.
2. Register RHVH to engine.
3. Login to RHVH and run "grep "avc:  denied" /var/log/audit/audit.log".


Actual results:
# imgbase w 
You are on rhvh-4.3.18.1-0.20210831.0+1

# grep "avc:  denied" /var/log/audit/audit.log
type=AVC msg=audit(1630469193.928:1927): avc:  denied  { sendto } for  pid=1691 comm="chronyd" path="/run/chrony/chronyc.24025.sock" scontext=system_u:system_r:chronyd_t:s0 tcontext=system_u:system_r:virtd_t:s0-s0:c0.c1023 tclass=unix_dgram_socket permissive=0



Expected results:
No AVC error.

Additional info:
No such issue on previous build(redhat-virtualization-host-4.3.17-20210713.0.el7_9).