From 4bea0665f4e2a1ed6db7e916d400e53d3f7a1869 Mon Sep 17 00:00:00 2001
From: Martin Pitt <martin@piware.de>
Date: Wed, 25 Oct 2023 08:39:38 +0200
Subject: [PATCH] naughty: Add patterns for SELinux denial of systemd kdump
 temp file cleanup

Known issue #5444
Downstream report: https://bugzilla.redhat.com/show_bug.cgi?id=2246046
---
 naughty/fedora-39/5444-selinux-systemd-kdump-cleanup   | 2 ++
 naughty/fedora-39/5444-selinux-systemd-kdump-cleanup-2 | 2 ++
 naughty/fedora-40/5444-selinux-systemd-kdump-cleanup   | 2 ++
 naughty/fedora-40/5444-selinux-systemd-kdump-cleanup-2 | 2 ++
 4 files changed, 8 insertions(+)
 create mode 100644 naughty/fedora-39/5444-selinux-systemd-kdump-cleanup
 create mode 100644 naughty/fedora-39/5444-selinux-systemd-kdump-cleanup-2
 create mode 100644 naughty/fedora-40/5444-selinux-systemd-kdump-cleanup
 create mode 100644 naughty/fedora-40/5444-selinux-systemd-kdump-cleanup-2

diff --git a/naughty/fedora-39/5444-selinux-systemd-kdump-cleanup b/naughty/fedora-39/5444-selinux-systemd-kdump-cleanup
new file mode 100644
index 0000000000..584c4e3fdd
--- /dev/null
+++ b/naughty/fedora-39/5444-selinux-systemd-kdump-cleanup
@@ -0,0 +1,2 @@
+testlib.Error: FAIL: Test completed, but found unexpected journal messages:
+*avc:  denied  { remove_name } for * comm="(sd-rmrf)" name="tmp" * scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:kdumpctl_tmp_t:s0 tclass=dir permissive=0
diff --git a/naughty/fedora-39/5444-selinux-systemd-kdump-cleanup-2 b/naughty/fedora-39/5444-selinux-systemd-kdump-cleanup-2
new file mode 100644
index 0000000000..1ce5810bf9
--- /dev/null
+++ b/naughty/fedora-39/5444-selinux-systemd-kdump-cleanup-2
@@ -0,0 +1,2 @@
+testlib.Error: FAIL: Test completed, but found unexpected journal messages:
+*avc:  denied  { rmdir } for  comm="(sd-rmrf)" * scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:kdumpctl_tmp_t:s0 tclass=dir permissive=0
diff --git a/naughty/fedora-40/5444-selinux-systemd-kdump-cleanup b/naughty/fedora-40/5444-selinux-systemd-kdump-cleanup
new file mode 100644
index 0000000000..584c4e3fdd
--- /dev/null
+++ b/naughty/fedora-40/5444-selinux-systemd-kdump-cleanup
@@ -0,0 +1,2 @@
+testlib.Error: FAIL: Test completed, but found unexpected journal messages:
+*avc:  denied  { remove_name } for * comm="(sd-rmrf)" name="tmp" * scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:kdumpctl_tmp_t:s0 tclass=dir permissive=0
diff --git a/naughty/fedora-40/5444-selinux-systemd-kdump-cleanup-2 b/naughty/fedora-40/5444-selinux-systemd-kdump-cleanup-2
new file mode 100644
index 0000000000..1ce5810bf9
--- /dev/null
+++ b/naughty/fedora-40/5444-selinux-systemd-kdump-cleanup-2
@@ -0,0 +1,2 @@
+testlib.Error: FAIL: Test completed, but found unexpected journal messages:
+*avc:  denied  { rmdir } for  comm="(sd-rmrf)" * scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:kdumpctl_tmp_t:s0 tclass=dir permissive=0