Bug 964065 - type=AVC msg=audit(...): avc: denied { read } for pid=... comm="TSDBLocalQueue." name="..." dev=dm-0 ino=... scontext=unconfined_u:system_r:spacewalk_monitoring_t:s0 tcontext=unconfined_u:object_r:spacewalk_monitoring_lo
type=AVC msg=audit(...): avc: denied { read } for pid=... comm="TSDBLocalQ...
Status: CLOSED WONTFIX
Product: Spacewalk
Classification: Community
Component: Server (Show other bugs)
1.8
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Michael Mráka
Red Hat Satellite QA List
:
Depends On:
Blocks: 964074 space27
  Show dependency treegraph
 
Reported: 2013-05-17 03:48 EDT by Jan Hutař
Modified: 2017-09-28 14:10 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 964074 (view as bug list)
Environment:
Last Closed: 2015-03-30 13:37:49 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jan Hutař 2013-05-17 03:48:41 EDT
Description of problem:
With Monitoring enabled and SELinux in Enforcing I see some AVC messages mentioning "upload_results" and lot of these mentioning "TSDBLocalQueue".


Version-Release number of selected component (if applicable):
spacewalk-monitoring-selinux-1.10.2-1.el6.noarch
spacewalk-selinux-1.10.1-1.el6.noarch
osa-dispatcher-selinux-5.11.25-1.el6.noarch


How reproducible:
always


Steps to Reproduce:
1. Configure Monitoring for some your client, set some probes
2. Make sure you have SELinux in Enforcing


Actual results:
time->Thu May 16 22:48:31 2013
type=SYSCALL msg=audit(1368758911.199:208): arch=c000003e syscall=2 success=no exit=-13 a0=15d61a0 a1=0 a2=1b6 a3=3f4591dd40 items=0 ppid=8643 pid=18457 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="upload_results." exe="/usr/bin/perl" subj=unconfined_u:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC msg=audit(1368758911.199:208): avc:  denied  { open } for  pid=18457 comm="upload_results." name="NOCpulse.ini" dev=dm-0 ino=3028819 scontext=unconfined_u:system_r:httpd_sys_script_t:s0 tcontext=unconfined_u:object_r:spacewalk_monitoring_conf_t:s0 tclass=file
----
time->Thu May 16 22:49:02 2013
type=SYSCALL msg=audit(1368758942.821:209): arch=c000003e syscall=2 success=no exit=-13 a0=21a5d30 a1=0 a2=1b6 a3=3f4591dd40 items=0 ppid=5186 pid=5187 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="TSDBLocalQueue." exe="/usr/bin/perl" subj=unconfined_u:system_r:spacewalk_monitoring_t:s0 key=(null)
type=AVC msg=audit(1368758942.821:209): avc:  denied  { read } for  pid=5187 comm="TSDBLocalQueue." name="1368758941.8112" dev=dm-0 ino=1710193 scontext=unconfined_u:system_r:spacewalk_monitoring_t:s0 tcontext=unconfined_u:object_r:spacewalk_monitoring_log_t:s0 tclass=file


Expected results:
No AVCs
Comment 2 Jan Hutař 2013-05-17 04:05:09 EDT
This might be relevant to bug 488792
Comment 3 Grant Gainey 2015-03-30 13:37:49 EDT
With the release of Spacewalk 2.3, Monitoring is no longer supported.
Comment 4 Eric Herget 2017-09-28 14:10:15 EDT
This BZ closed some time during 2.5, 2.6 or 2.7.  Adding to 2.7 tracking bug.

Note You need to log in before you can comment on or make changes to this bug.