Confined sysadm users cannot execute `sosreport` command after sudo'ing, a backtrace is printed and AVCs are seen

Solution Verified - Updated -

Issue

  • When a user is confined to sysadm_u SELinux user and tries to execute sudo sosreport, AVCs are seen and later the sosreport command aborts

    Permission denied while finalizing archive /var/tmp/sos.kydrcitq/sosreport-xxx

Creating archive tarball failed.
Traceback (most recent call last):
  File "/sbin/sosreport", line 33, in <module>
    sos.execute()
  File "/usr/lib/python3.6/site-packages/sos/__init__.py", line 185, in execute
    self._component.execute()
  File "/usr/lib/python3.6/site-packages/sos/report/__init__.py", line 1350, in execute
    return self.final_work()
  File "/usr/lib/python3.6/site-packages/sos/report/__init__.py", line 1263, in final_work
    archivestat, map_file=map_file)
UnboundLocalError: local variable 'archivestat' referenced before assignment

Environment

  • Red Hat Enterprise Linux 8
    • sosreport
    • confined sysadm_u users

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content