Description of problem: When installing rhnmd with SELinux enabled I get: Installing : rhnmd-5.3.7-1.fc13.noarch 1/1 /var/tmp/rpm-tmp.7NwrFe: line 2: /usr/sbin/groupadd: Permission denied /var/tmp/rpm-tmp.7NwrFe: line 4: /usr/sbin/useradd: Permission denied passwd: Unknown user name 'nocpulse'. warning: user nocpulse does not exist - using root warning: group nocpulse does not exist - using root warning: user nocpulse does not exist - using root warning: group nocpulse does not exist - using root warning: user nocpulse does not exist - using root warning: group nocpulse does not exist - using root /sbin/runuser: user nocpulse does not exist Probably because there are no selinux rules. Version-Release number of selected component (if applicable): Spacewalk nightly - Fedora 13 - client How reproducible: 100% Steps to Reproduce: 1. yum install rhnmd on clean machine Actual results: AVC warning /usr/bin/env LC_ALL=en_US.UTF-8 /sbin/ausearch -sv no -m AVC -m USER_AVC -m SELINUX_ERR -ts 09/22/2010 20:53:37 < /dev/null ---- time->Wed Sep 22 20:55:01 2010 type=SYSCALL msg=audit(1285203301.927:30510): arch=c000003e syscall=59 success=no exit=-13 a0=23d76d0 a1=23d7de0 a2=23d4ff0 a3=7fffd93b62d0 items=0 ppid=3337 pid=3339 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="sh" exe="/bin/bash" subj=unconfined_u:unconfined_r:rpm_script_t:s0-s0:c0.c1023 key=(null) type=SELINUX_ERR msg=audit(1285203301.927:30510): security_compute_sid: invalid context unconfined_u:unconfined_r:groupadd_t:s0-s0:c0.c1023 for scontext=unconfined_u:unconfined_r:rpm_script_t:s0-s0:c0.c1023 tcontext=system_u:object_r:groupadd_exec_t:s0 tclass=process ---- time->Wed Sep 22 20:55:01 2010 type=SYSCALL msg=audit(1285203301.955:30511): arch=c000003e syscall=59 success=no exit=-13 a0=23d54d0 a1=23d41b0 a2=23d4ff0 a3=7fffd93b62f0 items=0 ppid=3337 pid=3341 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="sh" exe="/bin/bash" subj=unconfined_u:unconfined_r:rpm_script_t:s0-s0:c0.c1023 key=(null) type=SELINUX_ERR msg=audit(1285203301.955:30511): security_compute_sid: invalid context unconfined_u:unconfined_r:useradd_t:s0-s0:c0.c1023 for scontext=unconfined_u:unconfined_r:rpm_script_t:s0-s0:c0.c1023 tcontext=system_u:object_r:useradd_exec_t:s0 tclass=process Expected results: No warning Additional info:
Mass-moving to space13.
We did not have time for this one during Spacewalk 1.4 time frame. Mass moving to Spacewalk 1.5.
Aligning under space16.
I no longer have Fedora 13 around but I tried it on Fedora 14 and the installation of rhnmd went without problems: # yum install rhnmd beaker-distro1 | 3.7 kB 00:00 fedora/metalink | 21 kB 00:00 spacewalk-client | 2.1 kB 00:00 spacewalk-client/primary_db | 10 kB 00:00 updates/metalink | 19 kB 00:00 updates | 4.7 kB 00:00 updates/primary_db | 5.1 MB 00:00 Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package rhnmd.noarch 0:5.3.9-1.fc14 set to be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================================================================================================ Package Arch Version Repository Size ================================================================================================================================================================ Installing: rhnmd noarch 5.3.9-1.fc14 spacewalk-client 15 k Transaction Summary ================================================================================================================================================================ Install 1 Package(s) Total download size: 15 k Installed size: 20 k Is this ok [y/N]: y Downloading Packages: rhnmd-5.3.9-1.fc14.noarch.rpm | 15 kB 00:00 warning: rpmts_HdrFromFdno: Header V4 DSA/SHA1 Signature, key ID b3892132: NOKEY spacewalk-client/gpgkey | 2.7 kB 00:00 ... Importing GPG key 0xB3892132: Userid: "Spacewalk <spacewalk-devel>" From : http://spacewalk.redhat.com/yum/RPM-GPG-KEY-spacewalk-2010 Is this ok [y/N]: y Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Warning: RPMDB altered outside of yum. Installing : rhnmd-5.3.9-1.fc14.noarch 1/1 Installed: rhnmd.noarch 0:5.3.9-1.fc14 Complete! # grep nocpulse /etc/passwd nocpulse:x:498:498:NOCpulse user:/var/lib/nocpulse:/bin/bash # grep AVC /var/log/audit/audit.log #