[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Spacewalk-list] CentOS 6.6 upgrade breaks osad on SW 2.1 clients that have SELinux in enforcing mode



Hi Stephen

We're using spacewalk 2.2 server with 2.2 clients. You asked, if it's a problem on spacewalk/client 2.2 also...

If we provision a centos 6.5 (spacewalk client 2.2) we are able to use jabber; if we provision 6.6 (or update 6.5 to 6.6) it won't work anymore (denied by selinux). You then have to enable a workaround as stated in bugzilla issue (kind of disable selinux enforced mode for osad_t for example).

It is not security relevant, but quite sad that you will not be able to use jabber with spacewalk 2.2/centos 6.6.

Cheers,
Rolf

-----Urspr√ľngliche Nachricht-----
Von: Stephen Herr [mailto:sherr redhat com] 
Gesendet: Freitag, 21. November 2014 15:17
An: stuart green doccentrics com; spacewalk-list redhat com
Betreff: Re: [Spacewalk-list] CentOS 6.6 upgrade breaks osad on SW 2.1 clients that have SELinux in enforcing mode

No, you could make that argument about every single bug ever filed against Spacewalk. By "security related" I mean related to users being able to escalate their privileges on Spacewalk server or unauthenticated attackers gaining access to information they should not have.

I've asked this question in the bug too, but do you know if the 2.2 clients work correctly? If they do then this will likely never get fixed in old versions of Spacewalk.

-Stephen

On 11/21/2014 06:41 AM, Stuart Green wrote:
> OK, I guess this is indirectly security related if the fix is to 
> disable part of a security component?
>
>
> On 20/11/2014 19:40, Stephen Herr wrote:
>> On 11/14/2014 10:21 AM, Stuart Green wrote:
>>> Found a public bug report, not sure  much attention 'medium' 
>>> severity gets?
>>> https://bugzilla.redhat.com/show_bug.cgi?id=1161288
>>>
>>
>> Generally Spacewalk bugs are not fixed until the next release, FYI 
>> (unless it's security related).
>>
>> -Stephen
>

Attachment: smime.p7s
Description: S/MIME cryptographic signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]