SELinux is preventing systemd-tmpfiles from deleting some files under /var/tmp

Solution In Progress - Updated -

Issue

  • The following messages are seen in audit.log:

    type=AVC msg=audit(05/06/2020 13:59:15.111:239) : avc:  denied  { getattr } for  pid=1624 comm=systemd-tmpfile path=/var/tmp/sos.tg8weany/sosreport-vm80-2020-05-06-himsntk/etc/security/opasswd dev="dm-0" ino=34398561 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0
    type=AVC msg=audit(05/06/2020 13:59:16.359:241) : avc:  denied  { getattr } for  pid=1624 comm=systemd-tmpfile path=/var/tmp/sos.tg8weany/sosreport-vm80-2020-05-06-himsntk/proc/sys/vm/compact_memory dev="dm-0" ino=17566500 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:sysctl_vm_t:s0 tclass=file permissive=0

  • /var/tmp/sos.xxxx/sosreport-xxxx/etc/security/opasswd and /var/tmp/sos.xxxx/sosreport-xxxx/proc/sys/vm/compact_memory are not deleted after systemd-tmpfiles cleans /var/tmp.

Environment

  • Red Hat Enterprise Linux 8
  • SELinux
