[Bug 1223599] selinux: systemd-fstab-generator can't read credentials
https://bugzilla.suse.com/show_bug.cgi?id=1223599 https://bugzilla.suse.com/show_bug.cgi?id=1223599#c3 Filippo Bonazzi <filippo.bonazzi@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CONFIRMED Flags| |needinfo? --- Comment #3 from Filippo Bonazzi <filippo.bonazzi@suse.com> --- It looks to me like it fixes 1 of the 2 AVCs you reported, do you see the same?
Apr 30 14:38:33 localhost kernel: audit: type=1400 audit(1714487912.626:6): avc: denied { map_read map_write } for pid=485 comm="systemd-fstab-g" scontext=system_u:system_r:systemd_fstab_generator_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=bpf permissive=0
This one should be gone with the security:SELinux policy.
Apr 30 14:38:33 localhost kernel: audit: type=1400 audit(1714487912.659:8): avc: denied { read } for pid=485 comm="systemd-fstab-g" name="fstab.extra" dev="tmpfs" ino=2 scontext=system_u:system_r:systemd_fstab_generator_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=0
This one unfortunately looks new. We'll look into this one -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com