[Spacewalk-list] Problems creating a Kickstart Distribution
lee
funnyvoice at tlabs.ac.za
Wed Apr 11 08:05:14 UTC 2012
On 04/11/2012 12:43 AM, James Hogarth wrote:
>>> I saw the previous posting where the resolution was to disable selinux. In our case, it's already disabled, so now I'm stuck.
>>>
>>> Any Ideas?
>> If the page that gives you the Internal Server Error is a .do page, look for traceback in /var/log/tomcat*/catalina.out. If it is a .pxt page, look in /var/log/httpd/*error_log.
>>
>> --
> Okay I have just duplicated this.... at least I think I have....
>
> Fresh install of Spacewalk 1.7 on CentOS 6 64bit with a PostgresSQL
> 8.4 backend....
>
> Repos have sync'd fine and distribution set up.....
>
> Go to create a kickstart and get an internal server error....
>
> Looking at the tomcat logs cobbler complained it could not find the
> kickstart file in /var/lib/rhn/kickstarts/wizard/
>
> Checking audit2allow/audit2why revealed:
>
> type=AVC msg=audit(1334097133.171:707): avc: denied { getattr } for
> pid=24064 comm="cobblerd"
> path="/var/lib/rhn/kickstarts/wizard/Base_Install_6--1.cfg" dev=dm-0
> ino=13767535 scontext=unconfined_u:system_r:cobblerd_t:s0
> tcontext=unconfined_u:object_r:var_lib_t:s0 tclass=file
> Was caused by:
> Missing type enforcement (TE) allow rule.
>
> You can use audit2allow to generate a loadable module to allow this access.
>
> #============= cobblerd_t ==============
> allow cobblerd_t var_lib_t:file getattr;
>
> The question then is what is the right solution? Allow cobblerd_t to
> access files of type var_lib_t (seems a bit open?) or find out
> whatever the context is meant to be on /var/lib/rhn/kickstarts and
> correct that?
>
> Can't see anything relevant on bugzilla - has anything changed between
> the 1.6 and 1.7 release that could have triggered this? Maybe a change
> in cobbler's RPM if not spacewalk itself....
>
> James
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
Hi James.
I had the exact same problem, with Spacewalk 1.7 on centos 64-bit with
postgresql...
I found the 'fix' , not to my liking. So I stayed with my oracle
implementation.
Lee
More information about the Spacewalk-list
mailing list