Bug ID 1228380
Summary [SELinux] extreme grub error flood, grub2-mkrelpath and grub2-script-check
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS openSUSE Tumbleweed
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter pallaswept@proton.me
QA Contact security-team@suse.de
Target Milestone ---
Found By ---
Blocker --- 

This one is hammering my logs quite badly. Any assistance would be greatly
appreciated.

SELinux status, mode and policy name: enabled, targeted, enforcing
SELinux policy version and repository: repo-oss  selinux-policy
The software (incl. version) that is affected by the SELinux issue and the
error message: grub
SELinux Audit log: The log is impossibly large due to the density of these
messages. These are the two messages:

Hundreds per second, in bursts
----
time->Sun Jul 28 08:00:13 2024
type=AVC msg=audit(1722117613.981:2165): avc:  denied  { execute } for 
pid=51597 comm="grub" name="grub2-mkrelpath" dev="nvme0n1p2" ino=4261726
scontext=system_u:system_r:snapperd_t:s0
tcontext=system_u:object_r:bootloader_exec_t:s0 tclass=file permissive=0

Once per minute, every minute
----
time->Sun Jul 28 08:00:13 2024
type=AVC msg=audit(1722117613.985:2166): avc:  denied  { execute } for 
pid=51600 comm="grub" name="grub2-script-check" dev="nvme0n1p2" ino=4261732
scontext=system_u:system_r:snapperd_t:s0
tcontext=system_u:object_r:bootloader_exec_t:s0 tclass=file permissive=0
----

Any other important details: Installed SElinux on existing TW system using this
doc
https://en.opensuse.org/Portal:SELinux/Setup#Setup_SELinux_on_existing_tumbleweed_systems

Thanks!

You are receiving this mail because: