Bug 630833

Summary:	SELinux is preventing /usr/bin/perl "open" access on /usr/share/perl5/NOCpulse/Object.pm.
Product:	[Community] Spacewalk	Reporter:	Jiri Kastner <jkastner>
Component:	Server	Assignee:	Jan Pazdziora (Red Hat) <jpazdziora>
Status:	CLOSED DUPLICATE	QA Contact:	Red Hat Satellite QA List <satqe-list>
Severity:	medium	Docs Contact:
Priority:	medium
Version:	1.2	CC:	akozlenko.kz, dwalsh, mgrepl
Target Milestone:	---
Target Release:	---
Hardware:	x86_64
OS:	Linux
Whiteboard:	setroubleshoot_trace_hash:6845ea7b993ca3ab5b5bdcfa5e87611006d97343255d3c9262263dace568537c
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2010-10-04 16:26:39 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks:	623772

Description Jiri Kastner 2010-09-07 07:01:35 UTC

Summary:

SELinux is preventing /usr/bin/perl "open" access on
/usr/share/perl5/NOCpulse/Object.pm.

Detailed Description:

SELinux denied access requested by MonitoringScout. It is not expected that this
access is required by MonitoringScout and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                unconfined_u:system_r:spacewalk_monitoring_t:s0
Target Context                system_u:object_r:usr_t:s0
Target Objects                /usr/share/perl5/NOCpulse/Object.pm [ file ]
Source                        MonitoringScout
Source Path                   /usr/bin/perl
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           perl-5.10.1-116.fc13
Target RPM Packages           perl-NOCpulse-Object-1.26.12-1.fc13
Policy RPM                    selinux-policy-3.7.19-51.fc13
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     (removed)
Platform                      Linux localhost.localdomain
                              2.6.33.6-147.2.4.rt28.1.fc13.ccrma.x86_64.rt #1
                              SMP PREEMPT RT Mon Aug 2 15:24:36 EDT 2010 x86_64
                              x86_64
Alert Count                   24
First Seen                    Mon 06 Sep 2010 08:55:57 PM CEST
Last Seen                     Mon 06 Sep 2010 09:12:21 PM CEST
Local ID                      1b84fad1-3592-4deb-9ac7-048282c849f0
Line Numbers                  

Raw Audit Messages            

node=localhost.localdomain type=AVC msg=audit(1283800341.427:64229): avc:  denied  { open } for  pid=13187 comm="MonitoringScout" name="Object.pm" dev=sda7 ino=399252 scontext=unconfined_u:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=file

node=localhost.localdomain type=SYSCALL msg=audit(1283800341.427:64229): arch=c000003e syscall=2 success=no exit=-13 a0=d41a40 a1=0 a2=1b6 a3=3e37d1dd80 items=0 ppid=13186 pid=13187 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=3 comm="MonitoringScout" exe="/usr/bin/perl" subj=unconfined_u:system_r:spacewalk_monitoring_t:s0 key=(null)



Hash String generated from  catchall,MonitoringScout,spacewalk_monitoring_t,usr_t,file,open
audit2allow suggests:

#============= spacewalk_monitoring_t ==============
allow spacewalk_monitoring_t usr_t:file open;

Comment 1 Jiri Kastner 2010-09-07 07:14:09 UTC

installed spacewalk-postgresql (from nightly) on f13, selinux enabled, spacewalk-monitoring-selinux installed (spacewalk-monitoring-selinux-1.1.1-1.fc13.noarch)

Comment 3 Jan Pazdziora (Red Hat) 2010-10-04 16:26:39 UTC


*** This bug has been marked as a duplicate of bug 619014 ***