One of our squid tests runs the following command, which produces an AVC on rhel-10 (no AVC is produced on rhel-9.8).

squid-6.10-5.el10.x86_64
selinux-policy-42.1.7-1.el10.noarch

Steps to reproduce

As root run:

    echo "Vincent p@ssw0rd" | su squid -s /bin/bash -c /usr/lib64/squid/basic_pam_auth

Expected results

No AVC (as on rhel-9.8)

Actual results

    ausearch -m AVC -ts recent
    time->Fri Oct 31 10:47:14 2025
    type=PROCTITLE msg=audit(1761922034.576:598): proctitle=2F7573722F7362696E2F756E69785F63686B7077640056696E63656E74006E756C6C6F6B
    type=SYSCALL msg=audit(1761922034.576:598): arch=c000003e syscall=106 success=yes exit=0 a0=17 a1=555a88abd2a0 a2=0 a3=555a88abd010 items=0 ppid=8318 pid=8319 auid=0 uid=23 gid=23 euid=0 suid=0 fsuid=0 egid=23 sgid=23 fsgid=23 tty=(none) ses=3 comm="unix_chkpwd" exe="/usr/sbin/unix_chkpwd" subj=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 key=(null)
    type=AVC msg=audit(1761922034.576:598): avc: denied { setgid } for pid=8319 comm="unix_chkpwd" capability=6 scontext=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 tclass=capability permissive=0
    time->Fri Oct 31 10:47:14 2025
    type=PROCTITLE msg=audit(1761922034.577:599): proctitle=2F7573722F7362696E2F756E69785F63686B7077640056696E63656E74006E756C6C6F6B
    type=SYSCALL msg=audit(1761922034.577:599): arch=c000003e syscall=106 success=yes exit=0 a0=17 a1=55991c9982a0 a2=0 a3=55991c998010 items=0 ppid=8318 pid=8320 auid=0 uid=23 gid=23 euid=0 suid=0 fsuid=0 egid=23 sgid=23 fsgid=23 tty=(none) ses=3 comm="unix_chkpwd" exe="/usr/sbin/unix_chkpwd" subj=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 key=(null)
    type=AVC msg=audit(1761922034.577:599): avc: denied { setgid } for pid=8320 comm="unix_chkpwd" capability=6 scontext=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 tclass=capability permissive=0
Unresolved
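A triage aid for the audit records in this report, added here as an example and not part of the original report: it groups records by event serial, decodes the hex-encoded proctitle, and names the syscall and capability numbers. The function names are hypothetical, and the lookup tables hold only the values this report needs.

```python
import re
# Sample input: the two events from the report (time-> lines omitted).
SAMPLE = """\
type=PROCTITLE msg=audit(1761922034.576:598): proctitle=2F7573722F7362696E2F756E69785F63686B7077640056696E63656E74006E756C6C6F6B
type=SYSCALL msg=audit(1761922034.576:598): arch=c000003e syscall=106 success=yes exit=0 a0=17 a1=555a88abd2a0 a2=0 a3=555a88abd010 items=0 ppid=8318 pid=8319 auid=0 uid=23 gid=23 euid=0 suid=0 fsuid=0 egid=23 sgid=23 fsgid=23 tty=(none) ses=3 comm="unix_chkpwd" exe="/usr/sbin/unix_chkpwd" subj=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1761922034.576:598): avc: denied { setgid } for pid=8319 comm="unix_chkpwd" capability=6 scontext=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 tclass=capability permissive=0
type=PROCTITLE msg=audit(1761922034.577:599): proctitle=2F7573722F7362696E2F756E69785F63686B7077640056696E63656E74006E756C6C6F6B
type=SYSCALL msg=audit(1761922034.577:599): arch=c000003e syscall=106 success=yes exit=0 a0=17 a1=55991c9982a0 a2=0 a3=55991c998010 items=0 ppid=8318 pid=8320 auid=0 uid=23 gid=23 euid=0 suid=0 fsuid=0 egid=23 sgid=23 fsgid=23 tty=(none) ses=3 comm="unix_chkpwd" exe="/usr/sbin/unix_chkpwd" subj=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1761922034.577:599): avc: denied { setgid } for pid=8320 comm="unix_chkpwd" capability=6 scontext=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 tclass=capability permissive=0
"""
SYSCALLS_X86_64 = {105: "setuid", 106: "setgid"}  # partial; valid for arch=c000003e only
CAPS = {6: "CAP_SETGID", 7: "CAP_SETUID"}         # partial; from linux/capability.h
HEADER = re.compile(r"type=(\w+) msg=audit\(\d+\.\d+:(\d+)\):\s*(.*)")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
PERMS = re.compile(r"\{\s*([^}]*?)\s*\}")

def group_events(text):
    """Return {serial: {record_type: fields}}; lines that are not audit records are skipped."""
    events = {}
    for line in text.splitlines():
        m = HEADER.match(line.strip())
        if not m:
            continue
        rtype, serial, body = m.groups()
        fields = dict(FIELD.findall(body))
        if rtype == "AVC" and (p := PERMS.search(body)):
            fields["perms"] = p.group(1).split()
        events.setdefault(int(serial), {})[rtype] = fields
    return events

def decode_proctitle(value):
    """Hex-encoded proctitle is argv joined by NUL; quoted values are already plain text."""
    raw = value.strip('"').encode() if value.startswith('"') else bytes.fromhex(value)
    return raw.decode("utf-8", "replace").split("\x00")

def summarize(ev):
    """Reduce one event (PROCTITLE + SYSCALL + AVC) to the facts needed for triage."""
    sc, avc = ev["SYSCALL"], ev["AVC"]
    num, cap = int(sc["syscall"]), int(avc["capability"])
    table = SYSCALLS_X86_64 if sc["arch"] == "c000003e" else {}
    return {
        "argv": decode_proctitle(ev["PROCTITLE"]["proctitle"]),
        "syscall": table.get(num, str(num)),
        "arg0": int(sc["a0"], 16),            # syscall arguments are logged in hex
        "capability": CAPS.get(cap, str(cap)),
        "perms": avc["perms"],
        "domain": avc["scontext"].split(":")[2],
        "syscall_ok": sc["success"] == "yes",
    }
```

For event 598 this shows `unix_chkpwd Vincent nullok` in domain `chkpwd_t` calling `setgid(23)`, where 23 is the gid already shown in the SYSCALL record, with the call reported as successful while the `CAP_SETGID` check was denied.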