Bug 2152684 - since selinux-policy-38.2-1.fc38 - avc: denied { syslog_console } for pid=297 comm="plymouthd" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system
Summary: since selinux-policy-38.2-1.fc38 - avc: denied { syslog_console } for pid=...
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: rawhide
Hardware: All
OS: Linux
high
medium
Target Milestone: ---
Assignee: Zdenek Pytela
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: openqa
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-12-12 17:13 UTC by Adam Williamson
Modified: 2022-12-16 20:19 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-12-16 20:19:49 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github fedora-selinux selinux-policy pull 1509 0 None open Grant kernel_t certain permissions in the system class 2022-12-13 10:41:46 UTC

Description Adam Williamson 2022-12-12 17:13:01 UTC 
Since selinux-policy-38.2-1.fc38 appeared in Rawhide, openQA is seeing two or three denials of this kind I think on every boot of a Rawhide system:

----
time->Wed Dec  7 11:41:13 2022
type=PROCTITLE msg=audit(1670431273.011:163): proctitle=407573722F7362696E2F706C796D6F75746864002D2D6D6F64653D626F6F74002D2D7069642D66696C653D2F72756E2F706C796D6F7574682F706964002D2D6174746163682D746F2D73657373696F6E
type=SYSCALL msg=audit(1670431273.011:163): arch=c000003e syscall=103 success=no exit=-13 a0=6 a1=0 a2=0 a3=0 items=0 ppid=1 pid=297 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="plymouthd" exe=2F7573722F7362696E2F706C796D6F75746864202864656C6574656429 subj=system_u:system_r:kernel_t:s0 key=(null)
type=AVC msg=audit(1670431273.011:163): avc:  denied  { syslog_console } for  pid=297 comm="plymouthd" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=0
----
time->Wed Dec  7 11:41:13 2022
type=PROCTITLE msg=audit(1670431273.421:169): proctitle=407573722F7362696E2F706C796D6F75746864002D2D6D6F64653D626F6F74002D2D7069642D66696C653D2F72756E2F706C796D6F7574682F706964002D2D6174746163682D746F2D73657373696F6E
type=SYSCALL msg=audit(1670431273.421:169): arch=c000003e syscall=103 success=no exit=-13 a0=7 a1=0 a2=0 a3=7ffed71167f7 items=0 ppid=1 pid=297 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="plymouthd" exe=2F7573722F7362696E2F706C796D6F75746864202864656C6574656429 subj=system_u:system_r:kernel_t:s0 key=(null)
type=AVC msg=audit(1670431273.421:169): avc:  denied  { syslog_console } for  pid=297 comm="plymouthd" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=0
----
time->Wed Dec  7 11:41:13 2022
type=PROCTITLE msg=audit(1670431273.422:170): proctitle=407573722F7362696E2F706C796D6F75746864002D2D6D6F64653D626F6F74002D2D7069642D66696C653D2F72756E2F706C796D6F7574682F706964002D2D6174746163682D746F2D73657373696F6E
type=SYSCALL msg=audit(1670431273.422:170): arch=c000003e syscall=103 success=no exit=-13 a0=7 a1=0 a2=0 a3=7ffed71167f7 items=0 ppid=1 pid=297 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="plymouthd" exe=2F7573722F7362696E2F706C796D6F75746864202864656C6574656429 subj=system_u:system_r:kernel_t:s0 key=(null)
type=AVC msg=audit(1670431273.422:170): avc:  denied  { syslog_console } for  pid=297 comm="plymouthd" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=0
Comment 1 Ondrej Mosnacek 2022-12-12 17:45:38 UTC 
This is probably my fault due to https://github.com/fedora-selinux/selinux-policy/pull/1475

I'll submit a PR with the fix tomorrow.
Comment 2 Zdenek Pytela 2022-12-13 18:39:40 UTC 
Merged.
Comment 3 Adam Williamson 2022-12-15 17:21:05 UTC 
Looks like the fix should be in the next compose, I will check it. Thanks!
Comment 4 Adam Williamson 2022-12-16 20:19:49 UTC 
Yup, looks good.
Note You need to log in before you can comment on or make changes to this bug.