http://bugzilla.opensuse.org/show_bug.cgi?id=1205434 Bug ID: 1205434 Summary: SELinux audit messages for irqbalance Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs@suse.de Reporter: felix.niederwanger@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- On a Tumbleweed VM with SELinux enabled in permissive mode I noticed the following messages in the AVC

ausearch -ts boot -m avc ---- time->Tue Nov 15 11:18:31 2022 type=PROCTITLE msg=audit(1668507511.960:16): proctitle=2F7573722F7362696E2F69727162616C616E6365002D2D666F726567726F756E64 type=SYSCALL msg=audit(1668507511.960:16): arch=c000003e syscall=41 success=yes exit=6 a0=10 a1=80003 a2=10 a3=0 items=0 ppid=1 pid=671 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="irqbalance" exe="/usr/sbin/irqbalance" subj=system_u:system_r:irqbalance_t:s0 key=(null) type=AVC msg=audit(1668507511.960:16): avc: denied { create } for pid=671 comm="irqbalance" scontext=system_u:system_r:irqbalance_t:s0 tcontext=system_u:system_r:irqbalance_t:s0 tclass=netlink_generic_socket permissive=1 ---- time->Tue Nov 15 11:18:31 2022 type=PROCTITLE msg=audit(1668507511.960:17): proctitle=2F7573722F7362696E2F69727162616C616E6365002D2D666F726567726F756E64 type=SYSCALL msg=audit(1668507511.960:17): arch=c000003e syscall=54 success=yes exit=0 a0=6 a1=1 a2=7 a3=7ffd03969f28 items=0 ppid=1 pid=671 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="irqbalance" exe="/usr/sbin/irqbalance" subj=system_u:system_r:irqbalance_t:s0 key=(null) type=AVC msg=audit(1668507511.960:17): avc: denied { setopt } for pid=671 comm="irqbalance" scontext=system_u:system_r:irqbalance_t:s0 tcontext=system_u:system_r:irqbalance_t:s0 tclass=netlink_generic_socket permissive=1 ---- time->Tue Nov 15 11:18:31 2022 type=PROCTITLE msg=audit(1668507511.960:18): proctitle=2F7573722F7362696E2F69727162616C616E6365002D2D666F726567726F756E64 type=SYSCALL msg=audit(1668507511.960:18): arch=c000003e syscall=49 success=yes exit=0 a0=6 a1=55f14ceb6a50 a2=c a3=10 items=0 ppid=1 pid=671 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="irqbalance" exe="/usr/sbin/irqbalance" subj=system_u:system_r:irqbalance_t:s0 key=(null) type=AVC msg=audit(1668507511.960:18): avc: denied { bind } for pid=671 comm="irqbalance" scontext=system_u:system_r:irqbalance_t:s0 tcontext=system_u:system_r:irqbalance_t:s0 tclass=netlink_generic_socket permissive=1 ---- time->Tue Nov 15 11:18:31 2022 type=PROCTITLE msg=audit(1668507511.960:19): proctitle=2F7573722F7362696E2F69727162616C616E6365002D2D666F726567726F756E64 type=SOCKADDR msg=audit(1668507511.960:19): saddr=100000009F0200B400000000 type=SYSCALL msg=audit(1668507511.960:19): arch=c000003e syscall=51 success=yes exit=0 a0=6 a1=7ffd03969f74 a2=7ffd03969f70 a3=10 items=0 ppid=1 pid=671 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="irqbalance" exe="/usr/sbin/irqbalance" subj=system_u:system_r:irqbalance_t:s0 key=(null) type=AVC msg=audit(1668507511.960:19): avc: denied { getattr } for pid=671 comm="irqbalance" scontext=system_u:system_r:irqbalance_t:s0 tcontext=system_u:system_r:irqbalance_t:s0 tclass=netlink_generic_socket permissive=1

Rebooting into enforced mode work without obvious issues though. -- You are receiving this mail because: You are on the CC list for the bug.