1263148 – [7.1-3.5.4] avc denied errors (dev="tmpfs") in audit.log

Bug 1263148 - [7.1-3.5.4] avc denied errors (dev="tmpfs") in audit.log

Summary: [7.1-3.5.4] avc denied errors (dev="tmpfs") in audit.log

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-node
Sub Component:
Version:	3.5.4
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	medium
Target Milestone:	ovirt-3.6.0-rc3
Target Release:	3.6.0
Assignee:	Fabian Deutsch
QA Contact:	cshao
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1266095
TreeView+	depends on / blocked

Reported:	2015-09-15 08:23 UTC by cshao
Modified:	2016-03-09 14:38 UTC (History)
CC List:	10 users (show)
Fixed In Version:	ovirt-node-3.2.3-23 rhev-hypervisor7-7.1-20150917.0 rhev-hypervisor6-6.7-20150917.0
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1266095 (view as bug list)
Environment:
Last Closed:	2016-03-09 14:38:05 UTC
oVirt Team:	Node
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
avc7.tar.gz (3.96 MB, application/x-gzip) 2015-09-15 08:23 UTC, cshao	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2016:0378	0	normal	SHIPPED_LIVE	ovirt-node bug fix and enhancement update for RHEV 3.6	2016-03-09 19:06:36 UTC
oVirt gerrit	42693	0	None	None	None	Never

Description cshao 2015-09-15 08:23:34 UTC

Created attachment 1073536 [details]
avc7.tar.gz

Description of problem:
After RHEVH installed,there are AVC denied errors (dev="tmpfs") in audit.log.

Version:
rhev-hypervisor7-7.1-20150911.0.el6ev
ovirt-node-3.2.3-20.el7.noarch
selinux-policy-3.13.1-23.el7_1.17.noarch

How reproducible:
100%

Steps to Reproduce:
1.RHEV-H installed successful. selinux in enforcing mode as default.
2.Login to rhevh,

# grep "avc:  denied" /var/log/audit/audit.log
type=AVC msg=audit(1442218987.816:265): avc:  denied  { unlink } for  pid=17150 comm="rm" name="ntp.conf.predhclient.em1" dev="tmpfs" ino=52480 scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file

  
Actual results:
AVC msgs in audit.log

Expected results:
No avc denied errors in audit.log.


Additional info:

Comment 4 cshao 2015-10-26 06:41:48 UTC

Test version:
rhev-hypervisor7-7.2-20151025.0.el7ev
ovirt-node-3.3.0-0.18.20151022git82dc52c.el7ev.noarch
selinux-policy-3.13.1-60.el7.noarch

Test steps:
1.RHEV-H installed successful. selinux in enforcing mode as default.
2.Login to rhevh,
3. Run command: # grep "avc:  denied" /var/log/audit/audit.log

Test result:
No avc denied errors in audit.log.

So the bug is fixed, change bug status to VERIFIED.

Comment 6 errata-xmlrpc 2016-03-09 14:38:05 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0378.html

Note You need to log in before you can comment on or make changes to this bug.