1232833 – avc: denied { write } for cobblerd

Bug 1232833 - avc: denied { write } for cobblerd

Summary: avc: denied { write } for cobblerd

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Spacewalk
Classification:	Community
Component:	Server
Sub Component:
Version:	2.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Tomas Lestach
QA Contact:	Red Hat Satellite QA List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	space28
TreeView+	depends on / blocked

Reported:	2015-06-17 15:20 UTC by Pavel Studeník
Modified:	2018-04-20 12:21 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-02-05 13:50:49 UTC
Embargoed:

Attachments	(Terms of Use)

Description Pavel Studeník 2015-06-17 15:20:21 UTC

Description of problem:
I dumped rhn channel with kickstart and try to sync back to spacewalk. In audit.log I found AVC messages after syncing and during time, when taskomatic worked on the channel.

Version-Release number of selected component (if applicable):
RHEL 7.1

How reproducible:
always

Steps to Reproduce:
1. wget --quiet 'http://downdload.local/dump_channels/channels-rhel-x86_64-server-6.zip' -O channels.zip'
2. unzip -q channels.zip'
3. satellite-sync -m dumps/ -c rhel-x86_64-server-6

Actual results:
# cat /var/log/audit/audit.log
time->Wed Jun 17 07:58:03 2015
type=SYSCALL msg=audit(1434542283.471:1096): arch=c000003e syscall=86 success=yes exit=0 a0=7ffe04001da0 a1=7ffe0402f020 a2=7ffe1d733f88 a3=fffffff0 items=0 ppid=1 pid=656 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="cobblerd" exe="/usr/bin/python2.7" subj=system_u:system_r:cobblerd_t:s0 key=(null)
type=AVC msg=audit(1434542283.471:1096): avc:  denied  { write } for  pid=656 comm="cobblerd" name="initrd.img" dev="dm-0" ino=1813744613 scontext=system_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:spacewalk_data_t:s0 tclass=file
----
time->Wed Jun 17 07:58:03 2015
type=SYSCALL msg=audit(1434542283.472:1097): arch=c000003e syscall=86 success=yes exit=0 a0=7ffe04068550 a1=7ffe04088b50 a2=7ffe1d733f88 a3=fffffff0 items=0 ppid=1 pid=656 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="cobblerd" exe="/usr/bin/python2.7" subj=system_u:system_r:cobblerd_t:s0 key=(null)
type=AVC msg=audit(1434542283.472:1097): avc:  denied  { write } for  pid=656 comm="cobblerd" name="vmlinuz" dev="dm-0" ino=1813744614 scontext=system_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:spacewalk_data_t:s0 tclass=file

Expected results:
without avc message

Note You need to log in before you can comment on or make changes to this bug.