Bug 830781

Summary: AVCs with virsh during automated ricci test on RHEL7
Product: Red Hat Enterprise Linux 7 Reporter: Michal Trunecka <mtruneck>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED CURRENTRELEASE QA Contact: Michal Trunecka <mtruneck>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 7.0CC: ebenes, mmalik
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-13 12:41:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michal Trunecka 2012-06-11 12:03:30 UTC 
Description of problem:
When running automated test selinux-policy/Regression/bz761592-ricci-and-similar following AVC showed up. All other parts of the test PASSed.

----
time->Mon Jun 11 07:55:35 2012
type=SYSCALL msg=audit(1339415735.048:731): arch=c000003e syscall=2 success=no exit=-13 a0=7f65258656ca a1=80000 a2=1b6 a3=238 items=0 ppid=24887 pid=25139 auid=4294967295 uid=994 gid=0 euid=994 suid=994 fsuid=994 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="virsh" exe="/usr/bin/virsh" subj=system_u:system_r:virsh_t:s0 key=(null)
type=AVC msg=audit(1339415735.048:731): avc:  denied  { read } for  pid=25139 comm="virsh" name="passwd" dev="dm-1" ino=49630 scontext=system_u:system_r:virsh_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file
----


Version-Release number of selected component (if applicable):
selinux-policy-3.10.0-128.el7.noarch

How reproducible:
by automated test
/CoreOS/selinux-policy/Regression/bz761592-ricci-and-similar

  
Actual results:
AVCs

Expected results:
No AVCs
Comment 1 Daniel Walsh 2012-06-11 14:15:29 UTC 
Fixed in selinux-policy-3.10.0-130.fc17
Comment 3 Ludek Smid 2014-06-13 12:41:09 UTC 
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.