Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 654581

Summary: selinux denial on /opt/apps/oracle/web/product/10.2.0/db_1/network/log
Product: Red Hat Satellite 5 Reporter: Petr Sklenar <psklenar>
Component: ServerAssignee: Jan Pazdziora (Red Hat) <jpazdziora>
Status: CLOSED DUPLICATE QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: medium Docs Contact:
Priority: low    
Version: 540CC: jkastner, slukasik
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-04-06 07:42:12 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 462714, 674675    

Description Petr Sklenar 2010-11-18 10:15:15 UTC 
Description of problem:
there is selinux denial on file /opt/apps/oracle/web/product/10.2.0/db_1/network/log

Version-Release number of selected component (if applicable):
sat540

How reproducible:
non deterministic 
very rarely

Steps to Reproduce:
1. rhn-satellite restart
  
Actual results:

time->Wed Nov 17 15:34:57 2010
type=SYSCALL msg=audit(1290026097.705:243): arch=c000003e syscall=2 per=400000 success=no exit=-13 a0=7fff536076b0 a1=441 a2=1b6 a3=441 items=0 ppid=1 pid=13844 auid=4294967295 uid=101 gid=158 euid=101 suid=101 fsuid=101 egid=157 sgid=157 fsgid=157 tty=(none) ses=4294967295 comm="oracle" exe="/opt/apps/oracle/web/product/10.2.0/db_1/bin/oracle" subj=root:system_r:oracle_db_t:s0 key=(null)
type=AVC msg=audit(1290026097.705:243): avc:  denied  { search } for  pid=13844 comm="oracle" name="log" dev=dm-0 ino=23298088 scontext=root:system_r:oracle_db_t:s0 tcontext=user_u:object_r:oracle_tnslsnr_log_t:s0 tclass=dir

----

time->Wed Nov 17 15:34:57 2010
type=SYSCALL msg=audit(1290026097.706:244): arch=c000003e syscall=2 per=400000 success=no exit=-13 a0=7fff536076b0 a1=441 a2=1b6 a3=441 items=0 ppid=1 pid=13844 auid=4294967295 uid=101 gid=158 euid=101 suid=101 fsuid=101 egid=157 sgid=157 fsgid=157 tty=(none) ses=4294967295 comm="oracle" exe="/opt/apps/oracle/web/product/10.2.0/db_1/bin/oracle" subj=root:system_r:oracle_db_t:s0 key=(null)
type=AVC msg=audit(1290026097.706:244): avc:  denied  { search } for  pid=13844 comm="oracle" name="log" dev=dm-0 ino=23298088 scontext=root:system_r:oracle_db_t:s0 tcontext=user_u:object_r:oracle_tnslsnr_log_t:s0 tclass=dir
----

# find / -mount -inum 23298088
/opt/apps/oracle/web/product/10.2.0/db_1/network/log


Expected results:
no denial

Additional info:
Comment 5 Jan Pazdziora (Red Hat) 2011-04-06 07:42:12 UTC 
We track this issue in bug 565417.

*** This bug has been marked as a duplicate of bug 565417 ***