Bug 2137323 - SELinux is preventing syslogd_t to relabelfrom and relabelto var_log_t file
Summary: SELinux is preventing syslogd_t to relabelfrom and relabelto var_log_t file
Keywords:
Status: CLOSED DUPLICATE of bug 2075527
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: rawhide
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Zdenek Pytela
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-10-24 13:06 UTC by Patrik Koncity
Modified: 2022-12-15 17:47 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-10-24 13:13:20 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Patrik Koncity 2022-10-24 13:06:54 UTC 
Description of problem:
SELinux is preventing syslogd_t to relabelfrom and relabelto var_log_t file

Version-Release number of selected component (if applicable):
selinux-policy
keylime

Actual results:
Tests show denials.


Expected results:
Tests won't show any denials.


Additional info:
From keylime point of view, the denials not cause any fails in testsuite. So maybe possible way how to solve it is dontaudit these rules. I'm not able to reproduce, it appears only in CI.

time->Mon Oct 24 09:00:00 2022
type=AVC msg=audit(1666602000.233:861): avc:  denied  { relabelfrom } for  pid=542 comm="journal-offline" name=".#user-1000" dev="nvme0n1p5" ino=74421 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=0



https://artifacts.dev.testing-farm.io/59192121-dab6-4a22-91be-d07f0335e0e9/
Comment 1 Patrik Koncity 2022-10-24 13:11:05 UTC 
Also need to dontaudit thise rule:

dontaudit syslogd_t var_log_t:file relabelto;
Comment 2 Zdenek Pytela 2022-10-24 13:13:20 UTC 

*** This bug has been marked as a duplicate of bug 2075527 ***
Note You need to log in before you can comment on or make changes to this bug.