Bug 580047
Summary: | selinux denial: comm="osa-dispatcher" cannot write to path="/sqlnet.log" | |||
---|---|---|---|---|
Product: | Red Hat Satellite 5 | Reporter: | Petr Sklenar <psklenar> | |
Component: | Server | Assignee: | Jan Pazdziora (Red Hat) <jpazdziora> | |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Petr Sklenar <psklenar> | |
Severity: | medium | Docs Contact: | ||
Priority: | low | |||
Version: | unspecified | CC: | cperry, jpazdziora, mmraka, msuchy | |
Target Milestone: | --- | |||
Target Release: | --- | |||
Hardware: | All | |||
OS: | Linux | |||
Whiteboard: | Fixed in the 5.4.0 Release - GA'd 2010-10-27 | |||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 580401 (view as bug list) | Environment: | ||
Last Closed: | 2010-10-28 15:02:02 UTC | Type: | --- | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | 580401 | |||
Bug Blocks: | 462714, 487678 |
Description
Petr Sklenar
2010-04-07 11:37:13 UTC
Can you confirm that the AVC denial only appears if the database is down / unreachable / the connect information is wrong? In general, sqlnet.log is only written if there is a problem during connect. That's why we did not really bother to address this AVC denial in the past. (In reply to comment #1) > Can you confirm that the AVC denial only appears if the database is down / > unreachable / the connect information is wrong? Right , it was in time of db issue, so there are only few denials on /sqlnet.log for last month or so. > > In general, sqlnet.log is only written if there is a problem during connect. > > That's why we did not really bother to address this AVC denial in the past. (In reply to comment #2) > > Right , it was in time of db issue, so there are only few denials on > /sqlnet.log for last month or so. Thanks. In that case, let me move it from the 5.3.1 triage to later queue. We should use something like /usr/lib64/oracle/10.2.0.4/client/lib/network/admin/sqlnet.ora to set log_directory_client = /var/log/something and SELinux-label that /var/log/something (or sqlnet.log in it) in such a way that all client programs can append to it. Adding Michael to Cc. Addressed in Spacewalk master 72755b7518ecde99364eb8726fca0d39f6b1fbb2 and d9c9529015b0ae3705046cc318e238fd415484d6. *** Bug 580401 has been marked as a duplicate of this bug. *** I didnt see a denial on /sqlnet.log Verified with Satellite-5.4.0-RHEL5-re20100827.0 on x86646 rhel55 The 5.4.0 RHN Satellite and RHN Proxy release has occurred. This issue has been resolved with this release. RHEA-2010:0801 - RHN Satellite Server 5.4.0 Upgrade https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10332 RHEA-2010:0803 - RHN Tools enhancement update https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10333 RHEA-2010:0802 - RHN Proxy Server 5.4.0 bug fix update https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10334 RHEA-2010:0800 - RHN Satellite Server 5.4.0 https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10335 Docs are available: http://docs.redhat.com/docs/en-US/Red_Hat_Network_Satellite/index.html Regards, Clifford *** Bug 519174 has been marked as a duplicate of this bug. *** |