Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 964065

Summary: type=AVC msg=audit(...): avc: denied { read } for pid=... comm="TSDBLocalQueue." name="..." dev=dm-0 ino=... scontext=unconfined_u:system_r:spacewalk_monitoring_t:s0 tcontext=unconfined_u:object_r:spacewalk_monitoring_lo
Product: [Community] Spacewalk Reporter: Jan Hutař <jhutar>
Component: ServerAssignee: Michael Mráka <mmraka>
Status: CLOSED WONTFIX QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 1.8CC: ggainey
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 964074 (view as bug list) Environment:
Last Closed: 2015-03-30 17:37:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 964074, 1484117    

Description Jan Hutař 2013-05-17 07:48:41 UTC 
Description of problem:
With Monitoring enabled and SELinux in Enforcing I see some AVC messages mentioning "upload_results" and lot of these mentioning "TSDBLocalQueue".


Version-Release number of selected component (if applicable):
spacewalk-monitoring-selinux-1.10.2-1.el6.noarch
spacewalk-selinux-1.10.1-1.el6.noarch
osa-dispatcher-selinux-5.11.25-1.el6.noarch


How reproducible:
always


Steps to Reproduce:
1. Configure Monitoring for some your client, set some probes
2. Make sure you have SELinux in Enforcing


Actual results:
time->Thu May 16 22:48:31 2013
type=SYSCALL msg=audit(1368758911.199:208): arch=c000003e syscall=2 success=no exit=-13 a0=15d61a0 a1=0 a2=1b6 a3=3f4591dd40 items=0 ppid=8643 pid=18457 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="upload_results." exe="/usr/bin/perl" subj=unconfined_u:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC msg=audit(1368758911.199:208): avc:  denied  { open } for  pid=18457 comm="upload_results." name="NOCpulse.ini" dev=dm-0 ino=3028819 scontext=unconfined_u:system_r:httpd_sys_script_t:s0 tcontext=unconfined_u:object_r:spacewalk_monitoring_conf_t:s0 tclass=file
----
time->Thu May 16 22:49:02 2013
type=SYSCALL msg=audit(1368758942.821:209): arch=c000003e syscall=2 success=no exit=-13 a0=21a5d30 a1=0 a2=1b6 a3=3f4591dd40 items=0 ppid=5186 pid=5187 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="TSDBLocalQueue." exe="/usr/bin/perl" subj=unconfined_u:system_r:spacewalk_monitoring_t:s0 key=(null)
type=AVC msg=audit(1368758942.821:209): avc:  denied  { read } for  pid=5187 comm="TSDBLocalQueue." name="1368758941.8112" dev=dm-0 ino=1710193 scontext=unconfined_u:system_r:spacewalk_monitoring_t:s0 tcontext=unconfined_u:object_r:spacewalk_monitoring_log_t:s0 tclass=file


Expected results:
No AVCs
Comment 2 Jan Hutař 2013-05-17 08:05:09 UTC 
This might be relevant to bug 488792
Comment 3 Grant Gainey 2015-03-30 17:37:49 UTC 
With the release of Spacewalk 2.3, Monitoring is no longer supported.
Comment 4 Eric Herget 2017-09-28 18:10:15 UTC 
This BZ closed some time during 2.5, 2.6 or 2.7.  Adding to 2.7 tracking bug.