Bug 1263143 - sshd_t denials in audit.log
sshd_t denials in audit.log
Status: CLOSED ERRATA
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-node (Show other bugs)
3.5.4
Unspecified Unspecified
high Severity medium
: ovirt-3.6.0-rc3
: 3.6.0
Assigned To: Fabian Deutsch
cshao
: ZStream
Depends On:
Blocks: 1266094
  Show dependency treegraph
 
Reported: 2015-09-15 04:21 EDT by cshao
Modified: 2016-03-09 09:37 EST (History)
10 users (show)

See Also:
Fixed In Version: ovirt-node-3.2.3-23 rhev-hypervisor7-7.1-20150917.0 rhev-hypervisor6-6.7-20150917.0
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1266094 (view as bug list)
Environment:
Last Closed: 2016-03-09 09:37:58 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Node
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
avc.tar.gz (1.13 MB, application/x-gzip)
2015-09-15 04:21 EDT, cshao
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 46150 master MERGED semodule: Anoter rule Never
oVirt gerrit 46156 ovirt-3.6 MERGED semodule: Anoter rule Never
oVirt gerrit 46176 ovirt-3.5 MERGED semodule: Anoter rule Never

  None (edit)
Description cshao 2015-09-15 04:21:37 EDT
Created attachment 1073533 [details]
avc.tar.gz

Description of problem:
After RHEVH installed,there are AVC denied errors in audit.log.

Version:
rhev-hypervisor6-6.7-20150911.0.el6ev
ovirt-node-3.2.3-20.el6.noarch
selinux-policy-3.7.19-279.el6_7.5.noarch

+
rhev-hypervisor7-7.1-20150911.0.el6ev
ovirt-node-3.2.3-20.el7.noarch
selinux-policy-3.13.1-23.el7_1.17.noarch

How reproducible:
100%

Steps to Reproduce:
1.RHEV-H installed successful. selinux in enforcing mode as default.
2.Login to rhevh,

rhev-hypervisor6-6.7-20150911.0.el6ev
# grep "avc:  denied" /var/log/audit/audit.log
type=AVC msg=audit(1442297840.266:191555): avc:  denied  { signull } for  pid=4411 comm="sshd" scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tclass=process


rhev-hypervisor7-7.1-20150911.0.el6ev
# grep "avc:  denied" /var/log/audit/audit.log
type=AVC msg=audit(1442220371.841:628): avc:  denied  { signull } for  pid=19746 comm="sshd" scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tclass=process
type=AVC msg=audit(1442297821.262:7760): avc:  denied  { signull } for  pid=12159 comm="sshd" scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tclass=process
type=AVC msg=audit(1442298766.021:7898): avc:  denied  { signull } for  pid=13324 comm="sshd" scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tclass=process

  
Actual results:
AVC msgs in audit.log

Expected results:
No avc denied errors in audit.log.


Additional info:
Comment 4 cshao 2015-10-26 02:45:14 EDT
Test version:
rhev-hypervisor7-7.2-20151025.0.el7ev
ovirt-node-3.3.0-0.18.20151022git82dc52c.el7ev.noarch
selinux-policy-3.13.1-60.el7.noarch

Test steps:
1.RHEV-H installed successful. selinux in enforcing mode as default.
2.Login to rhevh,
3. Run command: #grep "avc:  denied" /var/log/audit/audit.log

Test result:
No avc denied errors in audit.log.

So the bug is fixed, change bug status to VERIFIED.
Comment 6 errata-xmlrpc 2016-03-09 09:37:58 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0378.html

Note You need to log in before you can comment on or make changes to this bug.