Bug 1220373

Summary:	[SELinux] ssh-keygen: avc denials with tmpfs_t
Product:	[openSUSE] openSUSE Tumbleweed	Reporter:	Cathy Hu <cathy.hu>
Component:	Security	Assignee:	Cathy Hu <cathy.hu>
Status:	RESOLVED FIXED	QA Contact:	Security Team bot <security-team>
Severity:	Normal
Priority:	P5 - None
Version:	Current
Target Milestone:	---
Hardware:	Other
OS:	Other
Whiteboard:
Found By:	---	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Description Cathy Hu 2024-02-26 16:13:13 UTC

avc denials in sle micro 6.0

avc: denied { read write } comm="ssh-keygen" scontext=system_u:system_r:ssh_keygen_t:s0 tcontext=system_u:object_r:crypt_device_t:s0 tclass=chr_file permissive=0
avc: denied { read write } comm="ssh-keygen" scontext=system_u:system_r:ssh_keygen_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=0
avc: denied { write } comm="ssh-keygen" scontext=system_u:system_r:ssh_keygen_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=0
avc: denied { read write } comm="sshd" scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=0

Comment 1 Cathy Hu 2024-02-26 16:13:45 UTC

e.g.
https://openqa.suse.de/tests/13602660/#step/suseconnect_scc/67
https://openqa.suse.de/tests/13602660/#step/host_config/48

Comment 2 Cathy Hu 2024-03-04 16:24:41 UTC

https://build.suse.de/request/show/323268

Comment 3 Cathy Hu 2024-03-04 16:28:36 UTC

done, closing

Comment 4 OBSbugzilla Bot 2024-03-13 17:35:04 UTC

This is an autogenerated message for OBS integration:
This bug (1220373) was mentioned in
https://build.opensuse.org/request/show/1157662 Factory / selinux-policy