[Spacewalk-list] CentOS 6.6 upgrade breaks osad on SW 2.1 clients that have SELinux in enforcing mode

ndegz nndegz at gmail.com
Fri Nov 7 20:18:42 UTC 2014 

Ran into the same issue and found this blog post
Short tip: osad: Unable to connect to the host and port specified (EL6.6 +
EL7) <http://blog.christian-stankowic.de/?p=6341&lang=en>

semanage permissive -a osad_t




On Thu, Nov 6, 2014 at 12:59 PM, Kevin Sandy <kevin at digitallotus.com> wrote:

> I’ve been seeing this as well.  Clients are on CentOS 6.6 with Spacewalk
> 2.2.  I’ve had to put SELinux in permissive mode for now.
>
>
> -- kevin
>
>
>
> On Nov 6, 2014, at 12:48 PM, Andy Ingham <andy.ingham at duke.edu> wrote:
>
> Ever since updating from CentOS 6.5 > 6.6, my servers (which are all at
> spacewalk client version 2.1) are showing:
>
>
> +++++++++++++++++++++++++
> SELinux is preventing /usr/bin/python from name_connect access on the
> tcp_socket .
>
> *****  Plugin catchall (100. confidence) suggests
> ***************************
>
> If you believe that python should be allowed name_connect access on the
> tcp_socket by default.
> Then you should report this as a bug.
> You can generate a local policy module to allow this access.
> Do
> allow this access for now by executing:
> # grep osad /var/log/audit/audit.log | audit2allow -M mypol
> # semodule -i mypol.pp
> +++++++++++++++++++++++++
>
>
>
>
>
> And FWIW, attempting to mitigate by adding a local policy (as the above
> notice instructs) ALSO FAILS:
>
> [root at HOSTNAME local_policy]# semodule -i osad.pp
> libsepol.print_missing_requirements: osad's global requirements were not
> met: type/attribute osad_t (No such file or directory).
> libsemanage.semanage_link_sandbox: Link packages failed (No such file or
> directory).
> semodule:  Failed!
>
>
>
>
>
> Is this a known issue?
>
>
> Andy
>
> Andy Ingham
> IT Infrastructure
> Fuqua School of Business
> Duke University
>
>
>
>
>
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
>
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20141107/a1f3f5e9/attachment.htm>

More information about the Spacewalk-list mailing list