[Spacewalk-list] selinux conflict with kickstart setup
Jim Kinney
jim.kinney at gtri.gatech.edu
Mon Jan 17 22:32:32 UTC 2011
Setting up kickstart with spacewalk 1.2 and system would error after
entering initial root password
Jan 17 17:20:01 myhost kernel: [101014.659986] type=1400
audit(1295302801.983:65538): avc: denied { getattr } for pid=27040
comm="cobblerd" path="/var/lib/rhn/kickstarts/wizard/testks--1.cfg"
dev=dm-3 ino=660101 scontext=system_u:system_r:cobblerd_t:s0
tcontext=system_u:object_r:var_lib_t:s0 tclass=file
So process needs to create the kickstart files as
system_u:system_r:cobblerd_t or should allowed tomcat read/write be for
system_u:object_r:var_lib_t ?
Error from tomcat/apache below:
The following exception occurred while executing this request:
POST /rhn/kickstart/CreateProfileWizard.do
Date:1/17/11 5:20:01 PM EST
Headers:
host: myhost
user-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13)
Gecko/20110103 Fedora/3.6.13-1.fc14 Firefox/3.6.13
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-us,en;q=0.5
accept-encoding: gzip,deflate
accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
connection: keep-alive
referer: https://myhost/rhn/kickstart/CreateProfileWizard.do
cookie: JSESSIONID=456BC31BEC0834860D794EA6179A6AC3;
__utma=109337107.1967451776.1290524998.1290524998.1294326450.2;
__utmz=109337107.1290524998.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none);
__utma=152187247.805255830.1292443166.1292612496.1293466387.6;
__utmz=152187247.1292443166.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=gtri;
pxt-session-cookie=50xd9a709a03e5263d1021c854df15ecd3a
content-type: application/x-www-form-urlencoded
content-length: 214
Request:
Local Name = myhost
Server Name = myhost
Requested Session Id came from Cookie
Requested Session Valid = true
Session =
org.apache.catalina.session.StandardSessionFacade at 363470e4[session=StandardSession[456BC31BEC0834860D794EA6179A6AC3]]
Protocol = https
Request Locale = en_US
Request Character Encoding = UTF-8
Attribute Names = rhnActiveLang, javax.servlet.request.ssl_session,
org.apache.struts.action.MESSAGE,
javax.servlet.jsp.jstl.fmt.timeZone.request, session,
javax.servlet.request.key_size, __sitemesh__filterapplied,
javax.servlet.request.cipher_suite, requestedUri,
kickstartCreateWizardForm, org.apache.struts.action.mapping.instance,
org.apache.struts.action.MODULE,
Form Variables:
prevStep: second
rootPasswordConfirm: myrootfoo
rootPassword: myrootfoo
virtualizationTypeLabel: none
defaultDownload: true
nextStep: complete
kickstartLabel: testks
kstreeId: 1
userDefinedDownload:
wizardStep: complete
User Information:
User jkinney (id 1, org_id 1)
Exception:
javax.servlet.ServletException: java.lang.reflect.InvocationTargetException
at
org.apache.struts.action.RequestProcessor.processException(RequestProcessor.java:535)
at
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:433)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
at
com.redhat.rhn.frontend.struts.RhnRequestProcessor.process(RhnRequestProcessor.java:82)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
com.redhat.rhn.frontend.servlets.AuthFilter.doFilter(AuthFilter.java:101)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:142)
at
com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:58)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
com.redhat.rhn.frontend.servlets.LocalizedEnvironmentFilter.doFilter(LocalizedEnvironmentFilter.java:67)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
com.redhat.rhn.frontend.servlets.EnvironmentFilter.doFilter(EnvironmentFilter.java:108)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
com.redhat.rhn.frontend.servlets.SessionFilter.doFilter(SessionFilter.java:55)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
com.redhat.rhn.frontend.servlets.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:97)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:698)
at
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:891)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:636)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at
com.redhat.rhn.frontend.struts.wizard.WizardStep.invoke(WizardStep.java:116)
at
com.redhat.rhn.frontend.struts.wizard.RhnWizardAction.dispatch(RhnWizardAction.java:103)
at
com.redhat.rhn.frontend.struts.wizard.RhnWizardAction.execute(RhnWizardAction.java:89)
at
com.redhat.rhn.frontend.action.kickstart.CreateProfileWizardAction.execute(CreateProfileWizardAction.java:104)
at
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
... 40 more
Caused by: org.cobbler.XmlRpcException: XmlRpcException calling cobbler.
at org.cobbler.CobblerConnection.invokeMethod(CobblerConnection.java:120)
at
org.cobbler.CobblerConnection.invokeTokenMethod(CobblerConnection.java:150)
at org.cobbler.Profile.invokeModify(Profile.java:158)
at org.cobbler.CobblerObject.modify(CobblerObject.java:148)
at org.cobbler.Profile.setKickstart(Profile.java:299)
at
com.redhat.rhn.manager.kickstart.cobbler.CobblerProfileCreateCommand.store(CobblerProfileCreateCommand.java:82)
at
com.redhat.rhn.manager.kickstart.KickstartWizardHelper.store(KickstartWizardHelper.java:193)
at
com.redhat.rhn.domain.kickstart.builder.KickstartBuilder.create(KickstartBuilder.java:545)
at
com.redhat.rhn.frontend.action.kickstart.CreateProfileWizardAction.runComplete(CreateProfileWizardAction.java:288)
... 49 more
Caused by: redstone.xmlrpc.XmlRpcFault: <class
'cobbler.cexceptions.CX'>:'kickstart not found:
/var/lib/rhn/kickstarts/wizard/testks--1.cfg'
at redstone.xmlrpc.XmlRpcClient.handleResponse(XmlRpcClient.java:443)
at redstone.xmlrpc.XmlRpcClient.endCall(XmlRpcClient.java:376)
at redstone.xmlrpc.XmlRpcClient.invoke(XmlRpcClient.java:165)
at org.cobbler.CobblerConnection.invokeMethod(CobblerConnection.java:117)
... 57 more
--
Jim Kinney
Signature Technologies Lab
404-407-7967
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3094 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20110117/de5a049f/attachment.p7s>
More information about the Spacewalk-list
mailing list