SELinux is preventing systemd-tmpfile from deleting some files under /var/tmp

Solution In Progress - Updated -

Issue

  • The following messages appear in audit.log:
type=AVC msg=audit(05/06/2020 13:59:15.111:239) : avc:  denied  { getattr } for  pid=1624 comm=systemd-tmpfile path=/var/tmp/sos.tg8weany/sosreport-vm80-2020-05-06-himsntk/etc/security/opasswd dev="dm-0" ino=34398561 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0 
type=AVC msg=audit(05/06/2020 13:59:16.359:241) : avc:  denied  { getattr } for  pid=1624 comm=systemd-tmpfile path=/var/tmp/sos.tg8weany/sosreport-vm80-2020-05-06-himsntk/proc/sys/vm/compact_memory dev="dm-0" ino=17566500 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:sysctl_vm_t:s0 tclass=file permissive=0 
  • /var/tmp/sos.xxxx/sosreport-xxxx/etc/security/opasswd and /var/tmp/sos.xxxx/sosreport-xxxx/proc/sys/vm/compact_memory are not deleted after systemd-tmpfile has cleaned /var/tmp.
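
To see at a glance which labelled file types the cleaner was blocked on, the denials can be grouped by source type, target type and object class. The following is an added example, not part of the original article or of any Red Hat tooling; the names parse_avc and summarize are hypothetical, and it assumes records in the interpreted format quoted above.

```python
import re
from collections import defaultdict

# Sample input: the two AVC records quoted in the Issue section above.
SAMPLE = """\
type=AVC msg=audit(05/06/2020 13:59:15.111:239) : avc:  denied  { getattr } for  pid=1624 comm=systemd-tmpfile path=/var/tmp/sos.tg8weany/sosreport-vm80-2020-05-06-himsntk/etc/security/opasswd dev="dm-0" ino=34398561 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0
type=AVC msg=audit(05/06/2020 13:59:16.359:241) : avc:  denied  { getattr } for  pid=1624 comm=systemd-tmpfile path=/var/tmp/sos.tg8weany/sosreport-vm80-2020-05-06-himsntk/proc/sys/vm/compact_memory dev="dm-0" ino=17566500 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:sysctl_vm_t:s0 tclass=file permissive=0
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<fields>.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict for one AVC denial line, or None if the line is not one."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("fields"))}
    if not all(k in rec for k in ("scontext", "tcontext", "tclass")):
        return None
    rec["perms"] = tuple(m.group("perms").split())
    # A context is user:role:type:level; the level may itself contain ':'
    # (for example s0:c0.c1023), so split at most three times.
    for key in ("scontext", "tcontext"):
        rec[key + "_type"] = rec[key].split(":", 3)[2]
    return rec

def summarize(text, comm="systemd-tmpfile", prefix="/var/tmp/"):
    """Group enforced denials for `comm` under `prefix` by
    (source type, target type, class) -> list of (perms, path)."""
    groups = defaultdict(list)
    for line in text.splitlines():
        rec = parse_avc(line)
        if rec is None or rec.get("comm") != comm:
            continue
        if not rec.get("path", "").startswith(prefix):
            continue
        if rec.get("permissive") == "1":
            continue  # permissive=1 means the access was logged, not blocked
        key = (rec["scontext_type"], rec["tcontext_type"], rec["tclass"])
        groups[key].append((rec["perms"], rec["path"]))
    return dict(groups)

if __name__ == "__main__":
    for (src, tgt, cls), hits in summarize(SAMPLE).items():
        print(f"{src} -> {tgt}:{cls}  {len(hits)} denial(s)")
```
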

Environment

  • Red Hat Enterprise Linux 8
  • SELinux
