httpd: systemd-ask-password AVC seen when /usr/libexec/httpd-ssl-pass-dialog is configured

Solution Verified - Updated -

Issue

  • When the SSL configuration of httpd contains SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog, the following AVC is seen upon startup of the service

    type=SYSCALL ... syscall=2 success=no exit=-13 ... comm="systemd-ask-pas" exe="/usr/bin/systemd-ask-password" subj=system_u:system_r:httpd_passwd_t:s0 key=(null)
    type=AVC ...: avc:  denied  { search } for  pid=XXX comm="systemd-ask-pas" name="1" dev="proc" ... scontext=system_u:system_r:httpd_passwd_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dir permissive=0
    
  • The issue seems harmless

Environment

  • Red Hat Enterprise Linux 7
    • httpd
    • mod_ssl

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content