Comments
praiskup
provided feedback
on distribution-gpg-keys-1.118-1.el8
3 months ago
Fixes Copr
Problems were caused by snapd-selinux. Sorry for the noise. +1
Reported as: https://bugzilla.redhat.com/show_bug.cgi?id=2313040
sudo dnf reinstall '*selinux*' not helpful either
Downgrade to 2.232.1 is not helpful.
I can not start bash in containers now, example:
$ podman run --rm -ti registry.access.redhat.com/ubi9/ubi bash <no output, selinux cuts the process> $ sudo tail -n100 /var/log/audit/audit.log | audit2allow
============= container_t ==============
allow container_t container_file_t:chr_file { read write };
avc
type=AVC msg=audit(1726210659.521:22786): avc: denied { read write } for pid=1122774 comm="bash" path="/dev/pts/0" dev="devpts" ino=3 scontext=system_u:system_r:container_t:s0:c539,c854 tcontext=system_u:object_r:container_file_t:s0:c539,c854 tclass=chr_file permissive=0
avc with bin/echo
type=AVC msg=audit(1726210760.204:22810): avc: denied { read write } for pid=1123360 comm="echo" path="/dev/pts/0" dev="devpts" ino=3 scontext=system_u:system_r:container_t:s0:c142,c697 tcontext=system_u:object_r:container_file_t:s0:c142,c697 tclass=chr_file permissive=0