Bug 877026 (nopolicy)

Summary: Blocker for domains without SELinux Policy
Product: Red Hat Enterprise Linux 7 Reporter: Daniel Walsh <dwalsh>
Component: selinux-policyAssignee: Lukas Vrabec <lvrabec>
Status: CLOSED WONTFIX QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.0CC: lvrabec, mmalik
Target Milestone: rcKeywords: Tracking
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-10-12 12:18:13 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1113161, 1114490, 1118803    
Bug Blocks: 828606, 848833, 853337, 876921, 876924, 882191, 891913, 907971, 953602, 979084, 994547, 1002936, 1014226, 1018221, 1026216, 1028598, 1028607, 1028634, 1028658, 1028659, 1030071, 1030075, 1030260, 1030277, 1030489, 1032914, 1036688, 1037459, 1037475, 1037484, 1037529, 1037539, 1038187, 1039879, 1040654, 1047888, 1053447, 1060015, 1061797, 1061800, 1062630, 1063714, 1064277, 1072493, 1072997, 1077821, 1077831, 1083031, 1083162, 1083171, 1083222, 1086818, 1100808, 1100815, 1107644, 1241415, 1241446, 1241451, 1241453, 1241456, 1241513, 1393066    

Description Daniel Walsh 2012-11-15 14:59:40 UTC 
Any processes that run as initrc_t should block this bug.
Comment 1 Daniel Walsh 2012-11-15 15:13:14 UTC 
*** Bug 848829 has been marked as a duplicate of this bug. ***
Comment 3 RHEL Program Management 2014-03-22 07:04:29 UTC 
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 7 Lukas Vrabec 2017-10-12 12:18:13 UTC 
We're going to close this bug as WONTFIX because

 * of limited capacity of selinux-policy developers
 * the bug is related to EPEL component or 3rd party SW only
 * the bug appears in unsupported configuration 

We believe this bug can be fixed via a local policy module.
For more information please see: 

 * https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/selinux_users_and_administrators_guide/sect-security-enhanced_linux-troubleshooting-fixing_problems#sect-Security-Enhanced_Linux-Fixing_Problems-Allowing_Access_audit2allow

If you disagree, please re-open the bug.