[Spacewalk-list] Issues with rhnsd service after upgrade to Spacewalk 2.8 on CentOS 7.4

[Millage, Joel]

I had been running Spacewalk 2.7 on CentOS 7.4 without issue.  I decided to upgrade to Spacewalk 2.8 and have been having issues with the rhsd service and Spacewalk 2.8.   My systems can't seem to check-in via the service anymore.  If I run "rhn_check' manually it works fine and checks-in without issue.

I seem to have several selinux issues in /var/log/messages like:

SELinux is preventing /usr/bin/python2.7 from getattr access on the file /proc/cpuinfo. For complete SELinux messages run: sealert -l cf05a2d4-8473-4345-999a-b42923f52678
May 14 11:04:02 python: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /proc/cpuinfo.#012#012*****  Plugin catchall (100. confidence) suggests   **************************#012#012If you believe that python2.7 should be allowed getattr access on the cpuinfo file by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'rhn_check' --raw | audit2allow -M my-rhncheck#012# semodule -i my-rhncheck.pp#012

If I run the cmds as it suggests it will then check-in maybe once a day but not hourly like I have the rhnsd service configured and this one below:

setroubleshoot: SELinux is preventing rhn_check from open access on the file /etc/pki/nss-legacy/nss-rhel7.config. For complete SELinux messages run: sealert -l a8ca376b-3a59-479b-aa22-97c45fed0ae5
May 14 11:00:01 python: SELinux is preventing rhn_check from open access on the file /etc/pki/nss-legacy/nss-rhel7.config.#012#012*****  Plugin catchall (100. confidence) suggests   **************************#012#012If you believe that rhn_check should be allowed open access on the nss-rhel7.config file by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'rhn_check' --raw | audit2allow -M my-rhncheck#012# semodule -i my-rhncheck.pp#012

Never seems to go away even if I do what is requested by it.   Spacwalk also can't seem to do the daily configuration diff as it will just hang forever and fail.   I have some clients that I never upgrade to Spacewalk 2.8 and are still on 2.7 and they still are checking in without issue on the hour and can do the configuration file copare.

I also tried to run: sudo rhn-actions-control --enable-all on the problem systems but didn't make any difference.  Is there some other SELINUX cmds or packages I need to install for 2.8 that I am missing?

Thanks!

Joel Millage
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20180514/cf96669b/attachment.htm>