Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 625016 - crond requires a restart if mcstransd is stopped
crond requires a restart if mcstransd is stopped
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: vixie-cron (Show other bugs)
5.5
All Linux
low Severity medium
: rc
: ---
Assigned To: Marcela Mašláňová
qe-baseos-daemons
: SELinux
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-08-18 07:13 EDT by Peter Bieringer
Modified: 2012-02-20 22:13 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 625009
Environment:
Last Closed: 2012-02-20 22:13:47 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2012:0304 normal SHIPPED_LIVE Low: vixie-cron security, bug fix, and enhancement update 2012-02-21 02:24:41 EST

  None (edit)
Description Peter Bieringer 2010-08-18 07:13:42 EDT 
if mcstransd was stopped manually or per accident (crash), suddenly crond logs:

Aug 18 10:50:01 system crond[23750]: CRON (*system*) ERROR:Could not set exec context to user_u:system_r:unconfined_t for user
Aug 18 10:50:01 system crond[23750]: CRON (root) ERROR: failed to change SELinux context
Aug 18 10:50:01 system crond[23750]: CRON (root) ERROR: cannot set security context
Aug 18 10:50:01 system crond[23751]: CRON (*system*) ERROR:Could not set exec context to user_u:system_r:unconfined_t for user
Aug 18 10:50:01 system crond[23751]: CRON (root) ERROR: failed to change SELinux context
Aug 18 10:50:01 system crond[23751]: CRON (root) ERROR: cannot set security context
Aug 18 10:55:01 system crond[23927]: CRON (*system*) ERROR:Could not set exec context to user_u:system_r:unconfined_t for user
Aug 18 10:55:01 system crond[23927]: CRON (root) ERROR: failed to change SELinux context
Aug 18 10:55:01 system crond[23927]: CRON (root) ERROR: cannot set security context

No cron jobs are executed anymore on a SELinux enforced systems.

only restart of crond helps, if crond is not restarted, this messages appear forever.
Comment 1 RHEL Product and Program Management 2011-01-11 15:17:40 EST 
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 2 RHEL Product and Program Management 2011-01-12 10:18:23 EST 
This request was erroneously denied for the current release of
Red Hat Enterprise Linux.  The error has been fixed and this
request has been re-proposed for the current release.
Comment 3 RHEL Product and Program Management 2011-05-31 09:17:07 EDT 
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 4 Miroslav Grepl 2011-09-14 06:51:31 EDT 
Could you add me outputs of

# rpm -q selinux-policy

# sestatus
Comment 5 Daniel Walsh 2011-09-15 10:47:05 EDT 
This is one reason we do not run mcstransd in RHEL6. The problem here is the real label on the files was

user_u:system_r:unconfined_t:s0

But crond got this label when mcstransd was running which was substituting :s0 with "".

Now when crond tries to use this label and mcstransd is not running it gets the wrong label.  The solution to the problem is that crond should always use raw labels and not translated labels.
Comment 11 errata-xmlrpc 2012-02-20 22:13:47 EST 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-0304.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.