Bug 1474217 - avc denied errors (abrt-action-sav) in audit.log
avc denied errors (abrt-action-sav) in audit.log
Status: CLOSED CURRENTRELEASE
Product: ovirt-node
Classification: oVirt
Component: Installation & Update (Show other bugs)
4.1
Unspecified Unspecified
unspecified Severity medium (vote)
: ovirt-4.1.5
: ---
Assigned To: Ryan Barry
cshao
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-07-24 03:30 EDT by cshao
Modified: 2017-08-01 02:48 EDT (History)
12 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-08-01 02:48:27 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Node
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
rule-engine: ovirt‑4.1+
cshao: testing_ack+


Attachments (Terms of Use)
all log info (9.36 MB, application/x-gzip)
2017-07-24 03:30 EDT, cshao
no flags Details

  None (edit)
Description cshao 2017-07-24 03:30:24 EDT
Created attachment 1303489 [details]
all log info

Description of problem:
After redhat-virtualization-host-4.1-20170721.0 installed, there are AVC denied errors (abrt-action-sav) in audit.log.

# grep "avc:  denied" /var/log/audit/audit.log
type=AVC msg=audit(1500879742.176:197): avc:  denied  { write } for  pid=26254 comm="abrt-action-sav" name=".dbenv.lock" dev="dm-3" ino=8786413 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file
type=AVC msg=audit(1500879742.180:198): avc:  denied  { write } for  pid=26254 comm="abrt-action-sav" name=".dbenv.lock" dev="dm-3" ino=8786413 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file
type=AVC msg=audit(1500879742.181:199): avc:  denied  { write } for  pid=26254 comm="abrt-action-sav" name=".dbenv.lock" dev="dm-3" ino=8786413 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file



Version-Release number of selected component (if applicable):
redhat-virtualization-host-4.1-20170721.0
imgbased-0.9.34-0.1.el7ev.noarch
selinux-policy-3.13.1-166.el7.noarch

How reproducible:
80%

Steps to Reproduce:
1.RHVH installed successful. selinux in enforcing mode as default.
2.Login to RHVH,
#grep "avc:  denied" /var/log/audit/audit.log

Actual results:
AVC denied error msgs in audit.log

Expected results:
No avc denied errors in audit.log.

Additional info:
Comment 1 Ryan Barry 2017-07-31 18:49:50 EDT
I can't reproduce this. Can you provide a test system, please?
Comment 2 cshao 2017-07-31 19:26:56 EDT
(In reply to Ryan Barry from comment #1)
> I can't reproduce this. Can you provide a test system, please?

Sure, I will provide the IP addr once reproduce.
Comment 3 cshao 2017-08-01 02:48:27 EDT
Test version:
redhat-virtualization-host-4.1-20170728.0 
imgbased-0.9.36-0.1.el7ev.noarch
selinux-policy-3.13.1-166.el7.noarch

After several times testing, the issue was gone. So close this bug as CURRENTRELEASE. Feel free to re-open it if still can reproduce.

Note You need to log in before you can comment on or make changes to this bug.