summary: SELinux AVC issues related to anon_inode tclass policies.
description: |
    SELinux denials affect processes that deals with anon_inode tclass.
contact: Milos Malik <mmalik@redhat.com>
component:
  - selinux-policy
require:
  - library(selinux-policy/common)
recommend:
  - libselinux
  - policycoreutils
  - selinux-policy
  - selinux-policy-targeted
  - gcc
  - glibc-headers
  - setools-console
  - audit
  - fio
  - grubby
  - stress-ng
environment:
    AVC_ERROR: +no_avc_check
duration: 30m
enabled: true
tag:
  - NoRHEL4
  - NoRHEL5
  - NoRHEL6
  - NoRHEL7
  - NoRHEL8
  - targeted
  - reboot
link:
  - verifies: https://bugzilla.redhat.com/show_bug.cgi?id=1954145
  - relates: https://bugzilla.redhat.com/show_bug.cgi?id=1974559
  - relates: https://bugzilla.redhat.com/show_bug.cgi?id=2027660
  - verifies: https://bugzilla.redhat.com/show_bug.cgi?id=2025714
  - verifies: https://bugzilla.redhat.com/show_bug.cgi?id=2187745
  - verifies: https://issues.redhat.com/browse/RHEL-11792
  - verifies: https://bugzilla.redhat.com/show_bug.cgi?id=2270895
adjust:
  - enabled: false
    when: distro == rhel-4, rhel-5, rhel-6, rhel-7, rhel-8, centos-stream-8
    because: the anon_inode class is not defined there
extra-nitrate: TC#0612643
extra-summary: /CoreOS/selinux-policy/Regression/anon_inode-and-similar
extra-task: /CoreOS/selinux-policy/Regression/anon_inode-and-similar
id: 4e70e1ec-d3ae-40df-aad6-dfc4a23bc081