Bug 806827 - AVC denial having upgraded from 2.0.1
Summary: AVC denial having upgraded from 2.0.1
Keywords:
Status: CLOSED DUPLICATE of bug 788574
Alias: None
Product: Red Hat Update Infrastructure for Cloud Providers
Classification: Red Hat
Component: RHUA
Version: 2.0.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: James Slagle
QA Contact: wes hayutin
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-03-26 10:09 UTC by mkovacik
Modified: 2012-03-26 13:02 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-03-26 13:02:14 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description mkovacik 2012-03-26 10:09:20 UTC 
Description of problem:
Having upgraded from 2.0.1 to 2.0.3 and applied 'setenforce enforcing' a qpidd AVC denial may be observed upon pulp-server restart


Version-Release number of selected component (if applicable):
RHEL-6.2-RHUI-2.0.3-20120322.0-Server-x86_64-DVD1.iso

How reproducible:
Always

Steps to Reproduce:
1. upgrade from 2.0.1 to 2.0.3
2. setenforce enforcing
3. service pulp-server restart

  
Actual results:
An rhui-related avc message present in /var/log/audit/audit.log

Expected results:
No rhui-related avc messages present in /var/log/audit/audit.log in enforcing mode having upgraded the system to 2.0.3 from 2.0.1

Additional info:
### Screen log, error details

[root@dhcp-31-120 ~]# cp -f /var/log/audit/audit.log /var/log/audit/audit.log.2
[root@dhcp-31-120 ~]# : > /var/log/audit/audit.log
[root@dhcp-31-120 ~]# service pulp-server restart
Stopping httpd:                                            [  OK  ]
Stopping Qpid AMQP daemon:                                 [  OK  ]
Stopping mongod:                                           [  OK  ]
Starting mongod:                                           [  OK  ]
Starting Qpid AMQP daemon:                                 [  OK  ]
Starting httpd:                                            [  OK  ]
[root@dhcp-31-120 ~]# less /var/log/audit/audit.log
[root@dhcp-31-120 ~]# grep -i avc /var/log/audit/audit.log
type=AVC msg=audit(1332756007.594:24774): avc:  denied  { read } for  pid=26033 comm="qpidd" name="tmp" dev=dm-0 ino=395107 scontext=unconfined_u:system_r:qpidd_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=lnk_file
[root@dhcp-31-120 ~]#
Comment 1 James Slagle 2012-03-26 13:02:14 UTC 

*** This bug has been marked as a duplicate of bug 788574 ***
Note You need to log in before you can comment on or make changes to this bug.