Bug 489554 - avc: denied { node_bind } for comm="upload_results."
avc: denied { node_bind } for comm="upload_results."
Status: CLOSED CURRENTRELEASE
Product: Spacewalk
Classification: Community
Component: Server (Show other bugs)
0.5
All Linux
low Severity medium
: ---
: ---
Assigned To: Jan Pazdziora
Red Hat Satellite QA List
:
Depends On:
Blocks: space06
  Show dependency treegraph
 
Reported: 2009-03-10 13:13 EDT by Milan Zázrivec
Modified: 2009-09-10 08:05 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-09-10 08:05:33 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
part of /var/log/audit/audit.log (221 bytes, text/plain)
2009-03-10 13:13 EDT, Milan Zázrivec
no flags Details

  None (edit)
Description Milan Zázrivec 2009-03-10 13:13:30 EDT
Created attachment 334682 [details]
part of /var/log/audit/audit.log

Description of problem:
SELinux denial occurs on a new Spacewalk 0.5 installation right after
Scout Config Push completes.

Version-Release number of selected component (if applicable):
selinux-policy-targeted-2.4.6-203
spacewalk-selinux-0.5.2-1
spacewalk-monitoring-selinux-0.5.4-1

How reproducible:
Always

Steps to Reproduce:
1. Install RHEL-5.3, selinux enabled (permissive at least)
2. Install Oracle-XE and Spacewalk 0.5
3. Activate monitoring and monitoring scout.
4. In webui, navigate to Monitoring -> Scout config push and run the
   actual configuration push.
5. Right after the configuration push successfully completes, avc denial
   occurs (/var/log/audit/audit.log)
  
Actual results:
Attachment

Expected results:
No denial

Additional info:
# ls -Z /var/www/cgi-bin/upload_results.cgi
-rwxr-xr-x  root root system_u:object_r:httpd_sys_script_exec_t /var/www/cgi-bin/upload_results.cgi
Comment 1 Jan Pazdziora 2009-04-07 07:21:30 EDT
Fix committed to Spacewalk repo, commit f9ba12389173cbdc295fe9f5111be5e3e9c939d8 in master and 2d5d6b8a0fc3f551df1e419544417fdc09266673 in VADER.
Comment 2 Jan Pazdziora 2009-04-08 05:18:38 EDT
Tagged as spacewalk-monitoring-selinux-0.6.1-1 and spacewalk-monitoring-selinux-0.5.6-2-sat.
Comment 3 Miroslav Suchý 2009-09-10 08:05:33 EDT
Spacewalk 0.6 released

Note You need to log in before you can comment on or make changes to this bug.