Executing yum/rpm commands using VMWare tools facility ("vmrun") fails in error when packages have scriptlets
Issue
- When executing a
yumcommand using the VMWare tools facilityvmrun, the command fails -
AVCs related to transition are seen in the audit log
type=PATH msg=audit([...]): item=0 name="/bin/sh" [...] obj=system_u:object_r:shell_exec_t:s0 [...] type=CWD msg=audit([...]): cwd="/" type=SYSCALL msg=audit([...]): arch=c000003e syscall=59 success=no exit=-13 [...] comm="yum" exe="/usr/libexec/platform-python3.6" subj=system_u:system_r:vmtools_unconfined_t:s0 key=(null) type=AVC msg=audit([...]): avc: denied { transition } for pid=XXX comm="yum" path="/usr/bin/bash" dev="dm-0" ino=XXX scontext=system_u:system_r:vmtools_unconfined_t:s0 tcontext=system_u:system_r:rpm_script_t:s0 tclass=process permissive=0 -
The output of the
yumcommand shows Permission denies while executing scriptlets[...]: Running transaction [...]: Preparing : 1/1 [...]: Reinstalling : cronie-1.5.2-4.el8.x86_64 1/2 [...]: Running scriptlet: cronie-1.5.2-4.el8.x86_64 1/2 [...]: error: failed to exec scriptlet interpreter /bin/sh: Permission denied [...]: warning: %post(cronie-1.5.2-4.el8.x86_64) scriptlet failed, exit status 127 [...]: Error in POSTIN scriptlet in rpm package cronie [...]: error: failed to exec scriptlet interpreter /bin/sh: Permission denied [...]: warning: %triggerin(cronie-1.5.2-4.el8.x86_64) scriptlet failed, exit status 127 [...]: Error in <unknown> scriptlet in rpm package cronie [...]: Running scriptlet: cronie-1.5.2-4.el8.x86_64 2/2 [...]
Environment
- Red Hat Enterprise Linux 8.
-
Red Hat Enterprise Linux 7.
- open-vm-tools
-
VMWare
- vmrun
- vRealize Orchestrator Run program in guest
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
