[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Spacewalk-list] CentOS 6.6 upgrade breaks osad on SW 2.1 clients that have SELinux in enforcing mode



Ran into the same issue and found this blog post
Short tip: osad: Unable to connect to the host and port specified (EL6.6 + EL7)

semanage permissive -a osad_t




On Thu, Nov 6, 2014 at 12:59 PM, Kevin Sandy <kevin digitallotus com> wrote:
I’ve been seeing this as well.  Clients are on CentOS 6.6 with Spacewalk 2.2.  I’ve had to put SELinux in permissive mode for now.


-- kevin



On Nov 6, 2014, at 12:48 PM, Andy Ingham <andy ingham duke edu> wrote:

Ever since updating from CentOS 6.5 > 6.6, my servers (which are all at
spacewalk client version 2.1) are showing:


+++++++++++++++++++++++++
SELinux is preventing /usr/bin/python from name_connect access on the
tcp_socket .

*****  Plugin catchall (100. confidence) suggests
***************************

If you believe that python should be allowed name_connect access on the
tcp_socket by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep osad /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
+++++++++++++++++++++++++





And FWIW, attempting to mitigate by adding a local policy (as the above
notice instructs) ALSO FAILS:

[root HOSTNAME local_policy]# semodule -i osad.pp
libsepol.print_missing_requirements: osad's global requirements were not
met: type/attribute osad_t (No such file or directory).
libsemanage.semanage_link_sandbox: Link packages failed (No such file or
directory).
semodule:  Failed!





Is this a known issue?


Andy

Andy Ingham
IT Infrastructure
Fuqua School of Business
Duke University






_______________________________________________
Spacewalk-list mailing list
Spacewalk-list redhat com
https://www.redhat.com/mailman/listinfo/spacewalk-list


_______________________________________________
Spacewalk-list mailing list
Spacewalk-list redhat com
https://www.redhat.com/mailman/listinfo/spacewalk-list


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]