Bug 489576

Summary: Multiple SELinux monitoring denials with active probes
Product: [Community] Spacewalk Reporter: Milan Zázrivec <mzazrivec>
Component: ServerAssignee: Jan Pazdziora (Red Hat) <jpazdziora>
Status: CLOSED CURRENTRELEASE QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: medium Docs Contact:
Priority: low    
Version: 0.5CC: whayutin
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-09-10 12:05:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 456554    
Attachments:
Description Flags
part of /var/log/audit/audit.log (permissive) none

Description Milan Zázrivec 2009-03-10 18:29:56 UTC 
Created attachment 334690 [details]
part of /var/log/audit/audit.log (permissive)

Description of problem:
Several SELinux denials show after I created some probes for a registered
system and scout pushed live.

Version-Release number of selected component (if applicable):
spacewalk-monitoring-0.5.2-1

How reproducible:
Always

Steps to Reproduce:
1. Install RHEL-5.3, selinux enabled (permissive at least)
2. Install Oracle-XE, Spacewalk 0.5
3. Activate monitoring, monitoring scout.
4. Register a system to your Spacewalk (which needs to run rhnmd).
5. Create "Network Services: Ping" probe.
6. Create "Linux: Memory Usage" probe.
7. Push scout configs.
8. Watch /var/log/audit/audit.log on your Spacewalk installation.
  
Actual results:
Attachment.

Expected results:
No denials.

Additional info:
N/A
Comment 1 wes hayutin 2009-03-10 21:55:22 UTC 
there are three bugs opened on this issue...

488787
488789
488790

*** This bug has been marked as a duplicate of bug 488787 ***
Comment 2 Jan Pazdziora (Red Hat) 2009-04-07 10:02:51 UTC 
Reopening, the AVC denials here are different from those in bug 488787.
Comment 3 Jan Pazdziora (Red Hat) 2009-04-09 13:33:52 UTC 
Addressed in Spacewalk master, commits 2380c996f9d26eff39f65c87ec5369553065f746 to 7260763da9c276429e7e9a1fd53b82f1c80c252f.
Comment 4 Jan Pazdziora (Red Hat) 2009-04-09 14:30:56 UTC 
Tagged and built as spacewalk-monitoring-selinux-0.6.2-1.
Comment 5 Miroslav Suchý 2009-09-10 12:05:35 UTC 
Spacewalk 0.6 released