Bug 489576 - Multiple SELinux monitoring denials with active probes
Multiple SELinux monitoring denials with active probes
Status: CLOSED CURRENTRELEASE
Product: Spacewalk
Classification: Community
Component: Server (Show other bugs)
0.5
All Linux
low Severity medium
: ---
: ---
Assigned To: Jan Pazdziora
Red Hat Satellite QA List
: Reopened
Depends On:
Blocks: space06
  Show dependency treegraph
 
Reported: 2009-03-10 14:29 EDT by Milan Zázrivec
Modified: 2009-09-10 08:05 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-09-10 08:05:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
part of /var/log/audit/audit.log (permissive) (7.07 KB, text/plain)
2009-03-10 14:29 EDT, Milan Zázrivec
no flags Details

  None (edit)
Description Milan Zázrivec 2009-03-10 14:29:56 EDT
Created attachment 334690 [details]
part of /var/log/audit/audit.log (permissive)

Description of problem:
Several SELinux denials show after I created some probes for a registered
system and scout pushed live.

Version-Release number of selected component (if applicable):
spacewalk-monitoring-0.5.2-1

How reproducible:
Always

Steps to Reproduce:
1. Install RHEL-5.3, selinux enabled (permissive at least)
2. Install Oracle-XE, Spacewalk 0.5
3. Activate monitoring, monitoring scout.
4. Register a system to your Spacewalk (which needs to run rhnmd).
5. Create "Network Services: Ping" probe.
6. Create "Linux: Memory Usage" probe.
7. Push scout configs.
8. Watch /var/log/audit/audit.log on your Spacewalk installation.
  
Actual results:
Attachment.

Expected results:
No denials.

Additional info:
N/A
Comment 1 wes hayutin 2009-03-10 17:55:22 EDT
there are three bugs opened on this issue...

488787
488789
488790

*** This bug has been marked as a duplicate of bug 488787 ***
Comment 2 Jan Pazdziora 2009-04-07 06:02:51 EDT
Reopening, the AVC denials here are different from those in bug 488787.
Comment 3 Jan Pazdziora 2009-04-09 09:33:52 EDT
Addressed in Spacewalk master, commits 2380c996f9d26eff39f65c87ec5369553065f746 to 7260763da9c276429e7e9a1fd53b82f1c80c252f.
Comment 4 Jan Pazdziora 2009-04-09 10:30:56 EDT
Tagged and built as spacewalk-monitoring-selinux-0.6.2-1.
Comment 5 Miroslav Suchý 2009-09-10 08:05:35 EDT
Spacewalk 0.6 released

Note You need to log in before you can comment on or make changes to this bug.