Description of problem: * Satellite 5.4.1 @ RHEL-6.1 * Custom distribution kickstartable tree placed on Satellite's filer (i.e. /var/satellite) * creation of custom distribution in webui fails with an error message: The kernel could not be found at the specified location: ... * Following SELinux denials show: type=AVC msg=audit(1302172437.980:21641): avc: denied { search } for pid=1349 comm="cobblerd" name="satellite" dev=vda1 ino=929797 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:spacewalk_data_t:s0 tclass=dir Version-Release number of selected component (if applicable): selinux-policy-3.7.19-80.el6.noarch cobbler-2.0.7-8.el6sat.noarch How reproducible: Always Steps to Reproduce: 1. Try to create custom distribution in Satellite webui (the path pointing to a location on your filer) Actual results: The action fails, selinux denial occurs. Expected results: The action succeeds, no SELinux denials. Additional info: The thing works w/ SELinux permissive. The same problem will most likely show with kickstart distributions downloaded from RHN.
The spacewalk-selinux fix for bug 702274 also fixes this issue.
Verified as per bug 702274 comment 15.
Verified in stage w/ spacewalk-selinux-1.2.1-5 -> release pending.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. https://rhn.redhat.com/errata/RHEA-2011-0875.html