SELinux prevents sendmail.service while running Memory function: kaslr
Snippet of test failure
# https://s3.us-east-1.amazonaws.com/arr-cki-prod-datawarehouse-public/datawarehouse-public/2022/05/31/552432155/redhat:552432155_x86_64/tests/Memory_function_kaslr/12064517_x86_64_3_avc.log
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: permissive
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
selinux-policy-37.3-1.fc37.noarch
----
time->Tue May 31 22:27:45 2022
type=USER_AVC msg=audit(1654050465.827:186): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { status } for auid=n/a uid=0 gid=0 path="/usr/lib/systemd/system/sendmail.service" cmdline="" function="reply_unit_path" scontext=system_u:system_r:NetworkManager_dispatcher_sendmail_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=service permissive=1 exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Test logs on DataWarehouse
DataWarehouse issue
-
DW issue : https://datawarehouse.cki-project.org/issue/1258
-
Regex
: https://datawarehouse.cki-project.org/issue/-/regex/1207- Text Match :
avc:\s*denied\s*{ status } for auid=n\/a uid=0 gid=0 path="\/usr\/lib\/systemd\/system\/sendmail\.service" cmdline="" function="\S+" scontext=system_u:system_r:NetworkManager_dispatcher_sendmail_t:s0
- (Log) File Name Match :
avc.log
- Test Name Match :
Memory function: kaslr
- KPET Tree Name Match :
(upstream|rawhide)
- Text Match :
-
Additional details
N/A
In case opening the links above result in a 404 page on DataWarehouse, please make sure you are correctly logged into DataWarehouse via Red Hat SSO.