Description of problem: Enabling monitoring scout throws errors when you attempt a restart of spacewalk. This is on a freshly installed system of centos and spacewalk. Following https://fedorahosted.org/spacewalk/wiki/HowToInstall on a fully updated CentOS 6 installation. Using embedded postgresql. After creating the admin, finish system configuration by enabling monitoring, and enabling monitoring scout. Then restart the spacewalk service as directed. Steps to enable monitoring that I followed are here: https://access.redhat.com/site/documentation/en-US/Red_Hat_Network_Satellite/5.4/html/Reference_Guide/chap-Reference_Guide-Monitoring.html [root@spacewalk ~]# /usr/sbin/spacewalk-service restart Shutting down spacewalk services... Stopping RHN Taskomatic... Stopped RHN Taskomatic. Stopping cobbler daemon: [ OK ] Stopping rhn-search... Stopped rhn-search. Stopping MonitoringScout ... [ OK ] Stopping Monitoring ... [ OK ] Shutting down osa-dispatcher: [ OK ] Stopping httpd: [ OK ] Stopping tomcat6: [ OK ] Terminating jabberd processes ... Stopping s2s: [ OK ] Stopping c2s: [ OK ] Stopping sm: [ OK ] Stopping router: [ OK ] Stopping postgresql service: [ OK ] Done. Starting spacewalk services... Starting postgresql service: [ OK ] Initializing jabberd processes ... Starting router: [ OK ] Starting sm: [ OK ] Starting c2s: [ OK ] Starting s2s: [ OK ] Starting tomcat6: [ OK ] Waiting for tomcat to be ready ... Starting httpd: [ OK ] Starting osa-dispatcher: [ OK ] Starting Monitoring ... Issuing rollback() due to DESTROY without explicit disconnect() of DBD::Pg::db handle dbname=rhnschema at /etc/rc.d/np.d/SysVStep.pm line 287. 2013-10-03 15:01:23 InstallSoftwareConfig: !! Error closing /etc/NOCpulse.ini: Permission denied at /usr/share/perl5/vendor_perl/NOCpulse/NOCpulseini.pm line 75. Starting InstallSoftwareConfig ... [ FAIL ] 2013-10-03 15:01:23 InstallSoftwareConfig: WARNING: STARTED BUT *NOT* RUNNING 2013-10-03 15:01:23 InstallSoftwareConfig: ERRORS ENCOUNTERED DURING LAST ACTION: 2013-10-03 15:01:23 InstallSoftwareConfig: !! Error closing /etc/NOCpulse.ini: Permission denied at /usr/share/perl5/vendor_perl/NOCpulse/NOCpulseini.pm line 75. 2013-10-03 15:01:23 Monitoring: !! Monitoring configuration load failed 2013-10-03 15:01:23 Monitoring: !! Monitoring configuration not loaded - not starting MOC functions! [ FAIL ] 2013-10-03 15:01:23 Monitoring: WARNING: STARTED BUT *NOT* RUNNING 2013-10-03 15:01:23 Monitoring: ERRORS ENCOUNTERED DURING LAST ACTION: 2013-10-03 15:01:23 Monitoring: !! Monitoring configuration load failed 2013-10-03 15:01:23 Monitoring: !! Monitoring configuration not loaded - not starting MOC functions! Starting MonitoringScout ... Issuing rollback() due to DESTROY without explicit disconnect() of DBD::Pg::db handle dbname=rhnschema at /etc/rc.d/np.d/SysVStep.pm line 287. 2013-10-03 15:01:24 InstallSoftwareConfig: !! Error closing /etc/NOCpulse.ini: Permission denied at /usr/share/perl5/vendor_perl/NOCpulse/NOCpulseini.pm line 75. Starting InstallSoftwareConfig ... [ FAIL ] 2013-10-03 15:01:24 InstallSoftwareConfig: WARNING: STARTED BUT *NOT* RUNNING 2013-10-03 15:01:24 InstallSoftwareConfig: ERRORS ENCOUNTERED DURING LAST ACTION: 2013-10-03 15:01:24 InstallSoftwareConfig: !! Error closing /etc/NOCpulse.ini: Permission denied at /usr/share/perl5/vendor_perl/NOCpulse/NOCpulseini.pm line 75. 2013-10-03 15:01:24 MonitoringScout: NOTE: Attempting to start scout without configuration refresh Starting NPBootstrap ... [ OK ] Starting SputLite ... 2013-10-03 15:01:25 SputLite: !! ERROR FROM SHELL COMMAND: 2013-10-03 15:01:25 SputLite: !! STDOUT: 2013-10-03 15:01:25 SputLite: !! STDERR: 2013-10-03 15:01:25 SputLite: !! EXIT: 3328 [ FAIL ] 2013-10-03 15:01:25 SputLite: WARNING: STARTED BUT *NOT* RUNNING 2013-10-03 15:01:25 SputLite: ERRORS ENCOUNTERED DURING LAST ACTION: 2013-10-03 15:01:25 SputLite: !! ERROR FROM SHELL COMMAND: 2013-10-03 15:01:25 SputLite: !! STDOUT: 2013-10-03 15:01:25 SputLite: !! STDERR: 2013-10-03 15:01:25 SputLite: !! EXIT: 3328 Starting Dequeuer ... 2013-10-03 15:01:27 Dequeuer: !! ERROR FROM SHELL COMMAND: 2013-10-03 15:01:27 Dequeuer: !! STDOUT: 2013-10-03 15:01:27 Dequeuer: !! STDERR: 2013-10-03 15:01:27 Dequeuer: !! EXIT: 3328 [ FAIL ] 2013-10-03 15:01:27 Dequeuer: WARNING: STARTED BUT *NOT* RUNNING 2013-10-03 15:01:27 Dequeuer: ERRORS ENCOUNTERED DURING LAST ACTION: 2013-10-03 15:01:27 Dequeuer: !! ERROR FROM SHELL COMMAND: 2013-10-03 15:01:27 Dequeuer: !! STDOUT: 2013-10-03 15:01:27 Dequeuer: !! STDERR: 2013-10-03 15:01:27 Dequeuer: !! EXIT: 3328 Starting Dispatcher ... 2013-10-03 15:01:28 Dispatcher: !! ERROR FROM SHELL COMMAND: 2013-10-03 15:01:28 Dispatcher: !! STDOUT: 2013-10-03 15:01:28 Dispatcher: !! STDERR: 2013-10-03 15:01:28 Dispatcher: !! EXIT: 3328 [ FAIL ] 2013-10-03 15:01:28 Dispatcher: WARNING: STARTED BUT *NOT* RUNNING 2013-10-03 15:01:28 Dispatcher: ERRORS ENCOUNTERED DURING LAST ACTION: 2013-10-03 15:01:28 Dispatcher: !! ERROR FROM SHELL COMMAND: 2013-10-03 15:01:28 Dispatcher: !! STDOUT: 2013-10-03 15:01:28 Dispatcher: !! STDERR: 2013-10-03 15:01:28 Dispatcher: !! EXIT: 3328 2013-10-03 15:01:28 MonitoringScout: !! Monitoring configuration load failed [ FAIL ] 2013-10-03 15:01:28 MonitoringScout: WARNING: STARTED BUT *NOT* RUNNING 2013-10-03 15:01:28 MonitoringScout: ERRORS ENCOUNTERED DURING LAST ACTION: 2013-10-03 15:01:28 MonitoringScout: !! Monitoring configuration load failed Starting rhn-search... Starting cobbler daemon: [ OK ] Starting RHN Taskomatic... Done. [root@spacewalk ~]# ls -al /etc/NOCpulse.ini -rw-r--r--. 1 root root 8153 Oct 3 15:00 /etc/NOCpulse.ini [root@spacewalk ~]# ls -alZ /etc/NOCpulse.ini -rw-r--r--. root root unconfined_u:object_r:etc_t:s0 /etc/NOCpulse.ini How reproducible: Always
Hello William, do you have enabled SElinux on spacewalk server by chance? Are there any AVC denials logged in /var/log/audit/aidit.log? Monitoring feature in spacewalk is known not to work properly with SElinux set to Enforcing. Regards, Michael
Created attachment 807990 [details] SELinux denials when restarting spacewalk Running setenforce 0, corrects this. Taking the denials above, and putting them through audit2allow also results in a working system. However, many of the contexts used in that are probably not creating great SELinux rules. I certainly think that proper SELinux rules should be created for the spacewalk monitoring system.
Hello William, thank you for confirmation. We are already tracking Monitoring + SElinux issue in a different bug so I'm going to close this report and link it to the older one. Regards, Michael *** This bug has been marked as a duplicate of bug 808082 ***
This BZ closed some time during 2.5, 2.6 or 2.7. Adding to 2.7 tracking bug.