Bug 489576 - Multiple SELinux monitoring denials with active probes
Summary: Multiple SELinux monitoring denials with active probes
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Spacewalk
Classification: Community
Component: Server
Version: 0.5
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Jan Pazdziora
QA Contact: Red Hat Satellite QA List
URL:
Whiteboard:
Depends On:
Blocks: space06
TreeView+ depends on / blocked
 
Reported: 2009-03-10 18:29 UTC by Milan Zázrivec
Modified: 2009-09-10 12:05 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-09-10 12:05:35 UTC
Embargoed:

Attachments (Terms of Use)
part of /var/log/audit/audit.log (permissive) (7.07 KB, text/plain)
2009-03-10 18:29 UTC, Milan Zázrivec 		no flags Details
View All

Description Milan Zázrivec 2009-03-10 18:29:56 UTC 
Created attachment 334690 [details]
part of /var/log/audit/audit.log (permissive)

Description of problem:
Several SELinux denials show after I created some probes for a registered
system and scout pushed live.

Version-Release number of selected component (if applicable):
spacewalk-monitoring-0.5.2-1

How reproducible:
Always

Steps to Reproduce:
1. Install RHEL-5.3, selinux enabled (permissive at least)
2. Install Oracle-XE, Spacewalk 0.5
3. Activate monitoring, monitoring scout.
4. Register a system to your Spacewalk (which needs to run rhnmd).
5. Create "Network Services: Ping" probe.
6. Create "Linux: Memory Usage" probe.
7. Push scout configs.
8. Watch /var/log/audit/audit.log on your Spacewalk installation.
  
Actual results:
Attachment.

Expected results:
No denials.

Additional info:
N/A
Comment 1 wes hayutin 2009-03-10 21:55:22 UTC 
there are three bugs opened on this issue...

488787
488789
488790

*** This bug has been marked as a duplicate of bug 488787 ***
Comment 2 Jan Pazdziora 2009-04-07 10:02:51 UTC 
Reopening, the AVC denials here are different from those in bug 488787.
Comment 3 Jan Pazdziora 2009-04-09 13:33:52 UTC 
Addressed in Spacewalk master, commits 2380c996f9d26eff39f65c87ec5369553065f746 to 7260763da9c276429e7e9a1fd53b82f1c80c252f.
Comment 4 Jan Pazdziora 2009-04-09 14:30:56 UTC 
Tagged and built as spacewalk-monitoring-selinux-0.6.2-1.
Comment 5 Miroslav Suchý 2009-09-10 12:05:35 UTC 
Spacewalk 0.6 released
Note You need to log in before you can comment on or make changes to this bug.