Hide Forgot
Description of problem: * the service is shipped but it is not confined Version-Release number of selected component (if applicable): lldpd-1.0.1-2.el8.x86_64 selinux-policy-3.14.3-9.el8.noarch selinux-policy-targeted-3.14.3-9.el8.noarch How reproducible: * always Steps to Reproduce: # service lldpd status Redirecting to /bin/systemctl status lldpd.service ● lldpd.service - LLDP daemon Loaded: loaded (/usr/lib/systemd/system/lldpd.service; disabled; vendor preset: disabled) Active: inactive (dead) Docs: man:lldpd(8) # service lldpd start Redirecting to /bin/systemctl start lldpd.service # service lldpd status Redirecting to /bin/systemctl status lldpd.service ● lldpd.service - LLDP daemon Loaded: loaded (/usr/lib/systemd/system/lldpd.service; disabled; vendor preset: disabled) Active: active (running) since Tue 2019-07-02 08:09:00 EDT; 1s ago Docs: man:lldpd(8) Main PID: 8370 (lldpd) Tasks: 2 (limit: 11518) Memory: 6.0M CGroup: /system.slice/lldpd.service ├─8370 /usr/sbin/lldpd └─8372 /usr/sbin/lldpd Jul 02 08:09:00 ci-vm-10-0-136-62.hosted.upshift.rdu2.redhat.com systemd[1]: St… Jul 02 08:09:00 ci-vm-10-0-136-62.hosted.upshift.rdu2.redhat.com systemd[1]: St… Jul 02 08:09:00 ci-vm-10-0-136-62.hosted.upshift.rdu2.redhat.com lldpd[8372]: ... Jul 02 08:09:00 ci-vm-10-0-136-62.hosted.upshift.rdu2.redhat.com lldpd[8372]: ... Jul 02 08:09:00 ci-vm-10-0-136-62.hosted.upshift.rdu2.redhat.com lldpd[8372]: ... Jul 02 08:09:00 ci-vm-10-0-136-62.hosted.upshift.rdu2.redhat.com lldpd[8372]: ... Jul 02 08:09:00 ci-vm-10-0-136-62.hosted.upshift.rdu2.redhat.com lldpd[8372]: ... Jul 02 08:09:00 ci-vm-10-0-136-62.hosted.upshift.rdu2.redhat.com lldpd[8372]: ... Jul 02 08:09:00 ci-vm-10-0-136-62.hosted.upshift.rdu2.redhat.com lldpd[8372]: ... Jul 02 08:09:00 ci-vm-10-0-136-62.hosted.upshift.rdu2.redhat.com lldpd[8372]: ... Hint: Some lines were ellipsized, use -l to show in full. # ps -efZ | grep lldpd system_u:system_r:unconfined_service_t:s0 root 8370 1 0 08:08 ? 00:00:00 /usr/sbin/lldpd system_u:system_r:unconfined_service_t:s0 lldpd 8372 8370 0 08:08 ? 00:00:00 /usr/sbin/lldpd unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 8385 4655 0 08:09 pts/0 00:00:00 grep --color=auto lldpd # ls -Z /usr/sbin/lldpd system_u:object_r:bin_t:s0 /usr/sbin/lldpd # Actual results: * the service is not confined Expected results: * the service is confined Additional info: * based on man pages for lldpd and lldpad, they are related (Link Layer Discovery Protocol)
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:1773