[Spacewalk-list] CentOS 6.6 upgrade breaks osad on SW 2.1 clients that have SELinux in enforcing mode
Andy Ingham
andy.ingham at duke.edu
Thu Nov 6 17:48:20 UTC 2014
Ever since updating from CentOS 6.5 > 6.6, my servers (which are all at
spacewalk client version 2.1) are showing:
+++++++++++++++++++++++++
SELinux is preventing /usr/bin/python from name_connect access on the
tcp_socket .
***** Plugin catchall (100. confidence) suggests
***************************
If you believe that python should be allowed name_connect access on the
tcp_socket by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep osad /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
+++++++++++++++++++++++++
And FWIW, attempting to mitigate by adding a local policy (as the above
notice instructs) ALSO FAILS:
[root at HOSTNAME local_policy]# semodule -i osad.pp
libsepol.print_missing_requirements: osad's global requirements were not
met: type/attribute osad_t (No such file or directory).
libsemanage.semanage_link_sandbox: Link packages failed (No such file or
directory).
semodule: Failed!
Is this a known issue?
Andy
Andy Ingham
IT Infrastructure
Fuqua School of Business
Duke University
More information about the Spacewalk-list
mailing list