<html><head></head><body><div>I ran something similar for the upstream report. </div><div><br></div><div>Okay audit2allow now says:</div>
<div class="snippet-clipboard-content notranslate position-relative overflow-auto"><pre class="notranslate"><code class="notranslate">#============= rpcd_t ==============
allow rpcd_t nfs_port_t:tcp_socket name_bind;
allow rpcd_t nfs_port_t:udp_socket name_bind;
allow rpcd_t nfsd_fs_t:dir search;
allow rpcd_t nfsd_fs_t:file { open read };
</code></pre></div><div>Or the raw log if that's more what you want:</div>
<div class="snippet-clipboard-content notranslate position-relative overflow-auto"><pre class="notranslate"><code class="notranslate">type=AVC msg=audit(1692348946.100:70): avc: denied { name_bind } for pid=687 comm="rpc.statd" src=4001 scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:object_r:nfs_port_t:s0 tclass=udp_socket permissive=0
type=SYSCALL msg=audit(1692348946.100:70): arch=c000003e syscall=49 success=no exit=-13 a0=8 a1=55ac43c8da00 a2=10 a3=7ffdfc06cff0 items=0 ppid=681 pid=687 auid=4294967295 uid=116 gid=65534 euid=116 suid=116 fsuid=116 egid=65534 sgid=65534 fsgid=65534 tty=(none) ses=4294967295 comm="rpc.statd" exe="/usr/sbin/rpc.statd" subj=system_u:system_r:rpcd_t:s0 key=(null)ARCH=x86_64 SYSCALL=bind AUID="unset" UID="statd" GID="nogroup" EUID="statd" SUID="statd" FSUID="statd" EGID="nogroup" SGID="nogroup" FSGID="nogroup"
type=PROCTITLE msg=audit(1692348946.100:70): proctitle="/sbin/rpc.statd"
type=AVC msg=audit(1692348946.100:71): avc: denied { name_bind } for pid=687 comm="rpc.statd" src=4001 scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:object_r:nfs_port_t:s0 tclass=tcp_socket permissive=0
type=SYSCALL msg=audit(1692348946.100:71): arch=c000003e syscall=49 success=no exit=-13 a0=8 a1=55ac43c8da00 a2=10 a3=7ffdfc06cff0 items=0 ppid=681 pid=687 auid=4294967295 uid=116 gid=65534 euid=116 suid=116 fsuid=116 egid=65534 sgid=65534 fsgid=65534 tty=(none) ses=4294967295 comm="rpc.statd" exe="/usr/sbin/rpc.statd" subj=system_u:system_r:rpcd_t:s0 key=(null)ARCH=x86_64 SYSCALL=bind AUID="unset" UID="statd" GID="nogroup" EUID="statd" SUID="statd" FSUID="statd" EGID="nogroup" SGID="nogroup" FSGID="nogroup"
type=PROCTITLE msg=audit(1692348946.100:71): proctitle="/sbin/rpc.statd"
type=AVC msg=audit(1692348946.100:72): avc: denied { name_bind } for pid=687 comm="rpc.statd" src=4001 scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:object_r:nfs_port_t:s0 tclass=udp_socket permissive=0
type=SYSCALL msg=audit(1692348946.100:72): arch=c000003e syscall=49 success=no exit=-13 a0=8 a1=55ac43c8f080 a2=1c a3=7ffdfc06cff0 items=0 ppid=681 pid=687 auid=4294967295 uid=116 gid=65534 euid=116 suid=116 fsuid=116 egid=65534 sgid=65534 fsgid=65534 tty=(none) ses=4294967295 comm="rpc.statd" exe="/usr/sbin/rpc.statd" subj=system_u:system_r:rpcd_t:s0 key=(null)ARCH=x86_64 SYSCALL=bind AUID="unset" UID="statd" GID="nogroup" EUID="statd" SUID="statd" FSUID="statd" EGID="nogroup" SGID="nogroup" FSGID="nogroup"
type=PROCTITLE msg=audit(1692348946.100:72): proctitle="/sbin/rpc.statd"
type=AVC msg=audit(1692348946.100:73): avc: denied { name_bind } for pid=687 comm="rpc.statd" src=4001 scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:object_r:nfs_port_t:s0 tclass=tcp_socket permissive=0
type=SYSCALL msg=audit(1692348946.100:73): arch=c000003e syscall=49 success=no exit=-13 a0=8 a1=55ac43c8f080 a2=1c a3=7ffdfc06cff0 items=0 ppid=681 pid=687 auid=4294967295 uid=116 gid=65534 euid=116 suid=116 fsuid=116 egid=65534 sgid=65534 fsgid=65534 tty=(none) ses=4294967295 comm="rpc.statd" exe="/usr/sbin/rpc.statd" subj=system_u:system_r:rpcd_t:s0 key=(null)ARCH=x86_64 SYSCALL=bind AUID="unset" UID="statd" GID="nogroup" EUID="statd" SUID="statd" FSUID="statd" EGID="nogroup" SGID="nogroup" FSGID="nogroup"
type=PROCTITLE msg=audit(1692348946.100:73): proctitle="/sbin/rpc.statd"
type=SERVICE_START msg=audit(1692348946.100:74): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpc-statd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'UID="root" AUID="unset"
type=SERVICE_START msg=audit(1692348946.184:85): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpc-statd-notify comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset"
</code></pre></div>
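<div>Added example, not part of the original message and not audit2allow's own code: how the AVC records in a log like the one above map to the allow rules audit2allow prints. The rpc.statd records are copied from the log above; the nfsd_fs_t records and all function names are constructed for illustration.</div>

```python
import re
from collections import defaultdict

# Records copied from the raw log in the message above.
FROM_POST = [
    'type=AVC msg=audit(1692348946.100:70): avc: denied { name_bind } for pid=687 comm="rpc.statd" src=4001 scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:object_r:nfs_port_t:s0 tclass=udp_socket permissive=0',
    'type=PROCTITLE msg=audit(1692348946.100:70): proctitle="/sbin/rpc.statd"',
    'type=AVC msg=audit(1692348946.100:71): avc: denied { name_bind } for pid=687 comm="rpc.statd" src=4001 scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:object_r:nfs_port_t:s0 tclass=tcp_socket permissive=0',
]
# Records CONSTRUCTED for this example (timestamps, pid, comm, name, dev, ino are made up).
_CTX = 'scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:object_r:nfsd_fs_t:s0'
_HEAD = 'comm="example" name="example" dev="nfsd" ino=1 '
CONSTRUCTED = [
    'type=AVC msg=audit(1700000000.000:1): avc: denied { search } for pid=1 ' + _HEAD + _CTX + ' tclass=dir permissive=0',
    'type=AVC msg=audit(1700000000.000:2): avc: denied { read } for pid=1 ' + _HEAD + _CTX + ' tclass=file permissive=0',
    'type=AVC msg=audit(1700000000.000:3): avc: denied { open } for pid=1 ' + _HEAD + _CTX + ' tclass=file permissive=0',
]
SAMPLE_LOG = "\n".join(FROM_POST + CONSTRUCTED)

# Captures: permission list, source context, target context, object class.
AVC_RE = re.compile(
    r"type=AVC .*?avc:\s+denied\s+\{([^}]*)\}.*?"
    r"scontext=(\S+)\s+tcontext=(\S+)\s+tclass=(\S+)"
)

def selinux_type(context):
    """A context is user:role:type:level; the type is the third field."""
    return context.split(":")[2]

def parse_denials(log_text):
    """Group denied permissions by (source type, target type, class)."""
    rules = defaultdict(set)
    for line in log_text.splitlines():
        match = AVC_RE.search(line)
        if match is None:          # SYSCALL, PROCTITLE, SERVICE_START, ...
            continue
        perms, scontext, tcontext, tclass = match.groups()
        key = (selinux_type(scontext), selinux_type(tcontext), tclass)
        rules[key].update(perms.split())
    return rules

def to_allow_rules(rules):
    """Render grouped denials in the form audit2allow prints."""
    lines = []
    for (src, tgt, tclass), perms in sorted(rules.items()):
        names = sorted(perms)
        text = names[0] if len(names) == 1 else "{ " + " ".join(names) + " }"
        lines.append(f"allow {src} {tgt}:{tclass} {text};")
    return lines
```

<div>Denials covered by dontaudit rules never reach the log, so this parser, like audit2allow, only sees them after the "semodule -DB" step quoted below.</div>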
<div><br></div><div><br></div><div>On Thu, 2023-08-24 at 23:47 +1000, Russell Coker wrote:</div><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><div>This all works fine in permissive mode and there is nothing reported by<br></div><div>audit2allow on the log file.<br></div></blockquote><div><br></div><div>Please run "semodule -DB" and then reproduce the problem, the -D option means <br></div><div>to remove dontaudit rules and the -B option means to rebuild the policy that <br></div><div>is loaded into the kernel. After that you will get lots of messages you <br></div><div>previously didn't get and you can grep /var/log/audit/audit.log for the <br></div><div>relevant ones.<br></div><div><br></div></blockquote><div><br></div><div><span></span></div></body></html>