summary: SELinux AVC issues related to anon_inode tclass policies.
description: |
SELinux denials affect processes that deals with anon_inode tclass.
contact: Milos Malik <mmalik@redhat.com>
component:
- selinux-policy
require:
- library(selinux-policy/common)
recommend:
- libselinux
- policycoreutils
- selinux-policy
- selinux-policy-targeted
- gcc
- glibc-headers
- setools-console
- audit
- fio
- grubby
- stress-ng
environment:
AVC_ERROR: +no_avc_check
duration: 30m
enabled: true
tag:
- NoRHEL4
- NoRHEL5
- NoRHEL6
- NoRHEL7
- NoRHEL8
- targeted
- reboot
link:
- verifies: https://bugzilla.redhat.com/show_bug.cgi?id=1954145
- relates: https://bugzilla.redhat.com/show_bug.cgi?id=1974559
- relates: https://bugzilla.redhat.com/show_bug.cgi?id=2027660
- verifies: https://bugzilla.redhat.com/show_bug.cgi?id=2025714
- verifies: https://bugzilla.redhat.com/show_bug.cgi?id=2187745
- verifies: https://issues.redhat.com/browse/RHEL-11792
- verifies: https://bugzilla.redhat.com/show_bug.cgi?id=2270895
adjust:
- enabled: false
when: distro == rhel-4, rhel-5, rhel-6, rhel-7, rhel-8, centos-stream-8
because: the anon_inode class is not defined there
extra-nitrate: TC#0612643
extra-summary: /CoreOS/selinux-policy/Regression/anon_inode-and-similar
extra-task: /CoreOS/selinux-policy/Regression/anon_inode-and-similar
id: 4e70e1ec-d3ae-40df-aad6-dfc4a23bc081