[Spacewalk-list] Installing, the 500 error, followup
Jan Pazdziora
jpazdziora at redhat.com
Tue Feb 3 19:11:23 UTC 2009
On Tue, Feb 03, 2009 at 01:06:54PM -0500, m.roth2006 at rcn.com wrote:
> >>
> >> * What selinux mode are you in?
>
> As of this morning, *none*.
> echo 0 > /selinux/enforce
So, permissive.
> >> After disabling selinux and running those oracle steps the 500 error
> >> went away.
> >
> >What does
> >
> > grep AVC /var/log/audit/audit.log
> >
> >show?
> >
> type=USER_AVC msg=audit(1233605913.453:8675): user pid=1973 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: received policyload notice (seqno=16) : exe="?" (sauid=81, hostname=?, addr=?, terminal=?)'
> type=MAC_POLICY_LOAD msg=audit(1233605913.396:8676): policy loaded auid=501 ses=1278
> type=USER_AVC msg=audit(1233605917.838:8677): user pid=1973 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: received policyload notice (seqno=17) : exe="?" (sauid=81, hostname=?, addr=?, terminal=?)'
> type=USER_ACCT msg=audit(1233606001.651:8678): user pid=13341 uid=0 auid=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='PAM: accounting acct="root" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
So there are no AVC denials there.
Therefore I do not think that putting SELinux into permissive mode
cause any change in behaviour. So it must have been the missing
Oracle setup steps that caused the problem.
--
Jan Pazdziora | adelton at #satellite*, #brno
Satellite Engineering, Red Hat
More information about the Spacewalk-list
mailing list