964065 – type=AVC msg=audit(...): avc: denied { read } for pid=... comm="TSDBLocalQueue." name="..." dev=dm-0 ino=... scontext=unconfined_u:system_r:spacewalk_monitoring_t:s0 tcontext=unconfined_u:object_r:spacewalk_monitoring_lo

Bug 964065 - type=AVC msg=audit(...): avc: denied { read } for pid=... comm="TSDBLocalQueue." name="..." dev=dm-0 ino=... scontext=unconfined_u:system_r:spacewalk_monitoring_t:s0 tcontext=unconfined_u:object_r:spacewalk_monitoring_lo

Summary: type=AVC msg=audit(...): avc: denied { read } for pid=... comm="TSDBLocalQ...

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Spacewalk
Classification:	Community
Component:	Server
Sub Component:
Version:	1.8
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Michael Mráka
QA Contact:	Red Hat Satellite QA List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	964074 space27
TreeView+	depends on / blocked

Reported:	2013-05-17 07:48 UTC by Jan Hutař
Modified:	2017-09-28 18:10 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Clone Of:
Clones:	964074 (view as bug list)
Environment:
Last Closed:	2015-03-30 17:37:49 UTC
Embargoed:

Attachments	(Terms of Use)

Description Jan Hutař 2013-05-17 07:48:41 UTC

Description of problem:
With Monitoring enabled and SELinux in Enforcing I see some AVC messages mentioning "upload_results" and lot of these mentioning "TSDBLocalQueue".


Version-Release number of selected component (if applicable):
spacewalk-monitoring-selinux-1.10.2-1.el6.noarch
spacewalk-selinux-1.10.1-1.el6.noarch
osa-dispatcher-selinux-5.11.25-1.el6.noarch


How reproducible:
always


Steps to Reproduce:
1. Configure Monitoring for some your client, set some probes
2. Make sure you have SELinux in Enforcing


Actual results:
time->Thu May 16 22:48:31 2013
type=SYSCALL msg=audit(1368758911.199:208): arch=c000003e syscall=2 success=no exit=-13 a0=15d61a0 a1=0 a2=1b6 a3=3f4591dd40 items=0 ppid=8643 pid=18457 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="upload_results." exe="/usr/bin/perl" subj=unconfined_u:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC msg=audit(1368758911.199:208): avc:  denied  { open } for  pid=18457 comm="upload_results." name="NOCpulse.ini" dev=dm-0 ino=3028819 scontext=unconfined_u:system_r:httpd_sys_script_t:s0 tcontext=unconfined_u:object_r:spacewalk_monitoring_conf_t:s0 tclass=file
----
time->Thu May 16 22:49:02 2013
type=SYSCALL msg=audit(1368758942.821:209): arch=c000003e syscall=2 success=no exit=-13 a0=21a5d30 a1=0 a2=1b6 a3=3f4591dd40 items=0 ppid=5186 pid=5187 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="TSDBLocalQueue." exe="/usr/bin/perl" subj=unconfined_u:system_r:spacewalk_monitoring_t:s0 key=(null)
type=AVC msg=audit(1368758942.821:209): avc:  denied  { read } for  pid=5187 comm="TSDBLocalQueue." name="1368758941.8112" dev=dm-0 ino=1710193 scontext=unconfined_u:system_r:spacewalk_monitoring_t:s0 tcontext=unconfined_u:object_r:spacewalk_monitoring_log_t:s0 tclass=file


Expected results:
No AVCs

Comment 2 Jan Hutař 2013-05-17 08:05:09 UTC

This might be relevant to bug 488792

Comment 3 Grant Gainey 2015-03-30 17:37:49 UTC

With the release of Spacewalk 2.3, Monitoring is no longer supported.

Comment 4 Eric Herget 2017-09-28 18:10:15 UTC

This BZ closed some time during 2.5, 2.6 or 2.7.  Adding to 2.7 tracking bug.

Note You need to log in before you can comment on or make changes to this bug.