Bug 489554
| Summary: | avc: denied { node_bind } for comm="upload_results." | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Community] Spacewalk | Reporter: | Milan Zázrivec <mzazrivec> | ||||
| Component: | Server | Assignee: | Jan Pazdziora <jpazdziora> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Red Hat Satellite QA List <satqe-list> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | 0.5 | ||||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2009-09-10 12:05:33 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 456554 | ||||||
| Attachments: |
|
||||||
Fix committed to Spacewalk repo, commit f9ba12389173cbdc295fe9f5111be5e3e9c939d8 in master and 2d5d6b8a0fc3f551df1e419544417fdc09266673 in VADER. Tagged as spacewalk-monitoring-selinux-0.6.1-1 and spacewalk-monitoring-selinux-0.5.6-2-sat. Spacewalk 0.6 released |
Created attachment 334682 [details] part of /var/log/audit/audit.log Description of problem: SELinux denial occurs on a new Spacewalk 0.5 installation right after Scout Config Push completes. Version-Release number of selected component (if applicable): selinux-policy-targeted-2.4.6-203 spacewalk-selinux-0.5.2-1 spacewalk-monitoring-selinux-0.5.4-1 How reproducible: Always Steps to Reproduce: 1. Install RHEL-5.3, selinux enabled (permissive at least) 2. Install Oracle-XE and Spacewalk 0.5 3. Activate monitoring and monitoring scout. 4. In webui, navigate to Monitoring -> Scout config push and run the actual configuration push. 5. Right after the configuration push successfully completes, avc denial occurs (/var/log/audit/audit.log) Actual results: Attachment Expected results: No denial Additional info: # ls -Z /var/www/cgi-bin/upload_results.cgi -rwxr-xr-x root root system_u:object_r:httpd_sys_script_exec_t /var/www/cgi-bin/upload_results.cgi