getting "avc: denied" messages in system logs #696
Labels
Comments
|
hi @Akshaybaisla thanks for your feedback - this is a known issue: #509 and it should be solved with the next SELinux upgrade. If these AVC messages are blocking your workload, you can still temporary keep SELinux to permissive mode. |
|
hi @tormath1 When SELinux upgrade will be released? |
|
Hi, upgrade is quite in progress and we mainly wait for this issue: #479 in order to ship more standard SELinux module for handling containers. You can subscribe to the issue to track progress on it. Can you describe a bit your workload ? As far as I can tell, these errors should not impact it directly. |
|
Fixed in: flatcar/scripts#917 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
On applying Flatcar recommendations as mentioned in https://www.flatcar.org/docs/latest/setup/security/selinux/ . when checking system logs getting many messages as "avc: denied". what we have to do now?
avc log message-
" localhost kernel: audit: type=1400 audit(1648446800.796:86): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0
localhost kernel: audit: type=1400 audit(1648446800.796:91): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0
localhost audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 "
The text was updated successfully, but these errors were encountered: