Bug 2029850 - collectd triggers SElinux denied related to kernel module load "net-pf-10" on an IPv4-only system
Summary: collectd triggers SElinux denied related to kernel module load "net-pf-10" on...
Keywords:
Status: NEW
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: collectd
Version: epel8
Hardware: Unspecified
OS: Linux
unspecified
low
Target Milestone: ---
Assignee: Jonathan Wright
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-12-07 13:13 UTC by Peter Bieringer
Modified: 2024-05-17 12:33 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Peter Bieringer 2021-12-07 13:13:23 UTC 
Description of problem:
starting collectd on an IPv4-only system resulting in a SElinux denied message

Version-Release number of selected component (if applicable):
collectd-5.9.0-5.el8.x86_64

How reproducible:
always


Steps to Reproduce:
1. disable IPv4
2. start collectd

Actual results:
tail -f /var/log/audit/audit.log | egrep "denied.*collectd"

type=AVC msg=audit(1638875626.890:18521602): avc:  denied  { module_request } for  pid=1840981 comm="collectd" kmod="net-pf-10" scontext=system_u:system_r:collectd_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=0

(one-time)


Expected results:
No such message

Additional info:
Comment 1 Fedora Admin user for bugzilla script actions 2024-05-17 00:14:11 UTC 
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.
Comment 2 Fedora Admin user for bugzilla script actions 2024-05-17 12:33:14 UTC 
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.
Note You need to log in before you can comment on or make changes to this bug.