Bug 1309600
Summary: | open up access for /var/log/candlepin.log and /var/log/messages to fusor-server on ISO installation | ||
---|---|---|---|
Product: | Red Hat Quickstart Cloud Installer | Reporter: | dgao |
Component: | fusor-installer | Assignee: | John Matthews <jmatthew> |
Status: | CLOSED ERRATA | QA Contact: | Thom Carlin <tcarlin> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 1.0 | CC: | dgao, tcarlin |
Target Milestone: | ga | Keywords: | Triaged |
Target Release: | 1.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-09-13 16:27:02 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
dgao
2016-02-18 09:12:17 UTC
Changes made: https://github.com/fusor/fusor-selinux/pull/23 https://github.com/fusor/fusor-installer/pull/73 QCI-1.2-RHEL-7-20160705.t.1 Verification failed on QCI-1.2-RHEL-7-20160711.t.1: There were originally 2 issues in Comment 0: 1) /var/log/messages 2) /var/log/candlepin.log On my system there are 4 related files: A) -rw-r-----+ root root system_u:object_r:var_log_t:s0 /var/log/messages B)-rw-r--r--. foreman foreman system_u:object_r:foreman_log_t:s0 /var/log/foreman/deployments/<<deployment name>>/var/log/messages C) -rw-r--r--. tomcat tomcat system_u:object_r:tomcat_log_t:s0 /var/log/candlepin/candlepin.log D) -rw-r--r--. foreman foreman system_u:object_r:foreman_log_t:s0 /var/log/foreman/deployments/<<deployment name>>/var/log/candlepin/candlepin.log Is the C) name correct -- not 2) ? That would match the audit messages There weren't reproducer steps -- I'm guessing: * Install QCI * Log in to run launch-fusor-installer * grep tail /var/log/audit/audit.log * Fail if any output has "avc: denied" The issue seems to be with A), not B) as far as I can tell. Please confirm you are not seeing issues with B), C) or D) https://github.com/fusor/fusor-selinux/pull/24 This should resolve selinux issues involving /var/log/messages. VERIFIED in QCI-1.0-RHEL-7-20160830.t.0 Correction: believe the reproducer is: 1) Install/configure QCI 2) Deploy ..anything 3) During Installation Progress, go to Log tab (https://<<sat6_fqdn>>/r/#/deployments/<<deployment_number>>/review/progress/log) Examine each log in turn. You should be able to log contents as each log is selected Also check the audit log per https://bugzilla.redhat.com/show_bug.cgi?id=1309600#c3 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2016:1862 |