Bug 1078265
Summary: | katello-installer generates AVC: denied { name_connect } for scontext=passenger_t:s0 tcontext=:websm_port_t:s0 tclass=tcp_socket | ||
---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Jan Hutař <jhutar> |
Component: | SELinux | Assignee: | Lukas Zapletal <lzap> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Jan Hutař <jhutar> |
Severity: | medium | Docs Contact: | |
Priority: | high | ||
Version: | Nightly | CC: | cwelton, dcleal, dsulliva, elavarde, jmontleo, mmccune, omaciel |
Target Milestone: | Unspecified | Keywords: | Triaged |
Target Release: | Unused | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
URL: | http://projects.theforeman.org/issues/5827 | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-09-11 12:22:01 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jan Hutař
2014-03-19 13:57:32 UTC
Since this issue was entered in Red Hat Bugzilla, the release flag has been set to ? to ensure that it is properly evaluated for this release. Created redmine issue http://projects.theforeman.org/issues/5827 from this bug Upstream bug assigned to lzap Fixed upstream, PR pending review. Moving to POST since upstream bug http://projects.theforeman.org/issues/5827 has been closed Seeing this in latest build Satellite-6.0.3-RHEL-6-20140619.0. Still related to installer? type=AVC msg=audit(1403208049.892:2114): avc: denied { name_connect } for pid=18332 comm="ruby" dest=9200 scontext=unconfined_u:system_r:passenger_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1403208049.892:2114): arch=c000003e syscall=42 success=no exit=-111 a0=f a1=7f063cdbc050 a2=1c a3=ff00 items=0 ppid=1 pid=18332 auid=0 uid=497 gid=497 euid=497 suid=497 fsuid=497 egid=497 sgid=497 fsgid=497 tty=(none) ses=19 comm="ruby" exe="/opt/rh/ruby193/root/usr/bin/ruby" subj=unconfined_u:system_r:passenger_t:s0 key=(null) reopening for consideration. I have reported bug 1112607 as well (includes this and 4 other AVCs generated by katello-installer). The package did not contain my patch. Jason please make sure you rebase foreman-selinux from latest develop upstream branch. Thanks. *** Bug 1104270 has been marked as a duplicate of this bug. *** This was delivered with Satellite 6.0 which was released on 10 September 2014. |