Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be unavailable on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 1733677 - pcp spams system journal with SELinux read AVCs
Summary: pcp spams system journal with SELinux read AVCs
Keywords:
Status: CLOSED DUPLICATE of bug 1721644
Alias: None
Product: Fedora
Classification: Fedora
Component: pcp
Version: 29
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Nathan Scott
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-07-27 09:01 UTC by Georg Sauthoff
Modified: 2019-07-29 01:38 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-07-29 01:38:07 UTC
Type: Bug


Attachments (Terms of Use)

Description Georg Sauthoff 2019-07-27 09:01:25 UTC
Description of problem:
When running Fedora 29 pcp triggers several read denied AVCs.

Version-Release number of selected component (if applicable):
pcp-4.3.2-1.fc29.x86_64

How reproducible:
always

Steps to Reproduce:
1. make sure that pcp is installed (e.g. as a dependency of dstat)
2. journalctl -n 8000
3. search for AVC denied messages

Actual results:
Several repeats of read denied AVCs like this one:

audit[7229]: AVC avc:  denied  { read } for  pid=72
29 comm="mdadm" path="/var/lib/pcp/pmdas/linux/help.dir" dev="sdc4" ino=203264 s
context=system_u:system_r:mdadm_t:s0 tcontext=system_u:object_r:pcp_var_lib_t:s0
 tclass=file permissive=0

When they occur they are repeated 4, 8 or even 20 times or so.

Expected results:
No such AVC errors.

Additional info:

Comment 1 Nathan Scott 2019-07-29 01:38:07 UTC

*** This bug has been marked as a duplicate of bug 1721644 ***


Note You need to log in before you can comment on or make changes to this bug.