Description of problem: 4/24.1 build SELinux, RHN Satellite: Disk Space Command failed with status 1: /bin/df: cannot read table of mounted file systems: Permission denied recreate: 1. setup monitoring 2. register another satellite(client) to your satellite(host) 3. setup the probe RHN Satellite: Disk Space 4. push scout config get SELinux, RHN Satellite: Disk Space Command failed with status 1: /bin/df: cannot read table of mounted file systems: Permission denied selinux error on the satellite(host) type=AVC msg=audit(1241105035.497:2881): avc: denied { read } for pid=27280 comm="df" name="mtab" dev=dm-0 ino=8406369 scontex t=root:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file type=SYSCALL msg=audit(1241105035.497:2881): arch=40000003 syscall=5 success=no exit=-13 a0=8050671 a1=0 a2=1b6 a3=92f7858 items= 0 ppid=27271 pid=27280 auid=0 uid=103 gid=105 euid=103 suid=103 fsuid=103 egid=105 sgid=105 fsgid=105 tty=(none) ses=249 comm="df " exe="/bin/df" subj=root:system_r:spacewalk_monitoring_t:s0 key=(null)
The full AVCs seem to be: type=AVC msg=audit(1241433087.196:246): avc: denied { read } for pid=4960 comm="df" name="mtab" dev=dm-0 ino=4608041 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=root:object_r:etc_runtime_t:s0 tclass=file type=AVC msg=audit(1241433087.207:247): avc: denied { getattr } for pid=4960 comm="df" path="/etc/mtab" dev=dm-0 ino=4608041 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=root:object_r:etc_runtime_t:s0 tclass=file type=AVC msg=audit(1241433087.214:248): avc: denied { getattr } for pid=4960 comm="df" name="/" dev=dm-0 ino=2 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:fs_t:s0 tclass=filesystem type=AVC msg=audit(1241433087.215:249): avc: denied { getattr } for pid=4960 comm="df" name="/" dev=sysfs ino=1 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=filesystem type=AVC msg=audit(1241433087.221:250): avc: denied { getattr } for pid=4960 comm="df" name="/" dev=devpts ino=1 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:devpts_t:s0 tclass=filesystem type=AVC msg=audit(1241433087.223:251): avc: denied { getattr } for pid=4960 comm="df" name="/" dev=tmpfs ino=4727 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem type=AVC msg=audit(1241433087.225:252): avc: denied { search } for pid=4960 comm="df" name="fs" dev=proc ino=-268435427 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:sysctl_fs_t:s0 tclass=dir type=AVC msg=audit(1241433087.225:252): avc: denied { getattr } for pid=4960 comm="df" name="/" dev=binfmt_misc ino=4804 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:binfmt_misc_fs_t:s0 tclass=filesystem type=AVC msg=audit(1241433087.227:253): avc: denied { search } for pid=4960 comm="df" name="nfs" dev=dm-0 ino=2319800 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:var_lib_nfs_t:s0 tclass=dir type=AVC msg=audit(1241433087.227:253): avc: denied { getattr } for pid=4960 comm="df" name="/" dev=rpc_pipefs ino=6224 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:rpc_pipefs_t:s0 tclass=filesystem type=AVC msg=audit(1241433087.235:254): avc: denied { search } for pid=4960 comm="df" name="mnt" dev=dm-0 ino=4214689 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:mnt_t:s0 tclass=dir type=AVC msg=audit(1241433087.235:254): avc: denied { getattr } for pid=4960 comm="df" name="/" dev=0:16 ino=0 scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=system_u:object_r:nfs_t:s0 tclass=filesystem
Fix in Spacewalk git master 56cb2fde6f9c19298be425e6cc80df1bb55620e3.
[root@grandprix ~]# tail -f /var/log/audit/audit.log | grep -v TSDBLocalQueue [root@grandprix ~]# getenforce Enforcing [root@grandprix ~]# -bash-3.2$ rhn-runprobe --probe 177 2009-06-04 09:24:36 No items changed 2009-06-04 09:24:36 Would notify because: 2009-06-04 09:24:36 space_used '13872' is CRITICAL (renotified: 2) 2009-06-04 09:24:36 NOTE: Running in test mode; no changes saved, nothing enqueued 2009-06-04 09:24:36 ============================================================ CRITICAL: Filesystem /dev/mapper/VolGroup00-LogVol00 (/): Space used 13,872 MB (above critical threshold of 600 MB); Filesystem pct used 42%; Space available 19,434 MB ============================================================ -bash-3.2$
Verified in stage -> RELEASE_PENDING
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2009-1434.html