Project

General

Profile

Actions
Copy link

Bug #19757

closed

SELINUX denies loading SmartProxy overview page

Added by Tony Coffman almost 7 years ago. Updated over 5 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Eric Helms
Category:
SElinux
Target version:
-
Difficulty:
Triaged:
Yes
Bugzilla link:
Pull request:
Fixed in Releases:
Katello 3.6.1
Found in Releases:
Red Hat JIRA:

Description

katello-3.4.0-3.el7.noarch
katello-selinux-3.0.2-1.el7.noarch
pulp-selinux-2.12.2-1.el7.noarch

I get this in /var/log/audit/audit.log and the page shows under Pulp Storage "Error retrieving Pulp storage"

type=AVC msg=audit(1496255372.228:263): avc: denied { getattr } for pid=13642 comm="ruby" path="/var/lib/pulp" dev="dm-2" ino=201524082 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.228:263): arch=c000003e syscall=4 success=no exit=-13 a0=1f33db0 a1=7f70b6c35b00 a2=7f70b6c35b00 a3=e3dca8 items=0 ppid=1 pid=13642 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.228:264): avc: denied { search } for pid=13642 comm="ruby" name="pulp" dev="dm-2" ino=201524082 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.228:264): arch=c000003e syscall=4 success=no exit=-13 a0=1f336f8 a1=7f70b6c35be0 a2=7f70b6c35be0 a3=e3dca8 items=0 ppid=1 pid=13642 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.229:265): avc: denied { getattr } for pid=13642 comm="ruby" path="/var/lib/mongodb" dev="dm-2" ino=201332847 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:mongod_var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.229:265): arch=c000003e syscall=4 success=no exit=-13 a0=1f32e10 a1=7f70b6c35be0 a2=7f70b6c35be0 a3=e3dca8 items=0 ppid=1 pid=13642 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.243:266): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/cgroup/systemd" dev="cgroup" ino=1146 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.243:266): arch=c000003e syscall=4 success=no exit=-13 a0=21ab8b0 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.243:267): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/pstore" dev="pstore" ino=1154 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:pstore_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.243:267): arch=c000003e syscall=4 success=no exit=-13 a0=21ab950 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.243:268): avc: denied { getattr } for pid=13643 comm="df" path="/sys/firmware/efi/efivars" dev="efivarfs" ino=1155 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:efivarfs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.243:268): arch=c000003e syscall=4 success=no exit=-13 a0=21ab9f0 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.243:269): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/cgroup/cpuset" dev="cgroup" ino=1197 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.243:269): arch=c000003e syscall=4 success=no exit=-13 a0=21abaa0 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.243:270): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/cgroup/devices" dev="cgroup" ino=1218 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.243:270): arch=c000003e syscall=4 success=no exit=-13 a0=21abb40 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.243:271): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/cgroup/cpu,cpuacct" dev="cgroup" ino=1230 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.243:271): arch=c000003e syscall=4 success=no exit=-13 a0=21abbe0 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.243:272): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/cgroup/memory" dev="cgroup" ino=1250 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.243:272): arch=c000003e syscall=4 success=no exit=-13 a0=21abc90 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.243:273): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/cgroup/pids" dev="cgroup" ino=1285 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.243:273): arch=c000003e syscall=4 success=no exit=-13 a0=21abd30 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.243:274): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/cgroup/net_cls,net_prio" dev="cgroup" ino=1295 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.243:274): arch=c000003e syscall=4 success=no exit=-13 a0=21abdd0 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.243:275): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/cgroup/blkio" dev="cgroup" ino=1309 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.243:275): arch=c000003e syscall=4 success=no exit=-13 a0=21abe80 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:276): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/cgroup/hugetlb" dev="cgroup" ino=1345 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:276): arch=c000003e syscall=4 success=no exit=-13 a0=21abf20 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:277): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/cgroup/freezer" dev="cgroup" ino=1358 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:277): arch=c000003e syscall=4 success=no exit=-13 a0=21abfc0 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:278): avc: denied { getattr } for pid=13643 comm="df" path="/sys/fs/cgroup/perf_event" dev="cgroup" ino=1367 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:278): arch=c000003e syscall=4 success=no exit=-13 a0=21ac060 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:279): avc: denied { getattr } for pid=13643 comm="df" path="/sys/kernel/config" dev="configfs" ino=1558 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:configfs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:279): arch=c000003e syscall=4 success=no exit=-13 a0=21ac110 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:280): avc: denied { search } for pid=13643 comm="df" name="fs" dev="proc" ino=8301 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:sysctl_fs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:280): arch=c000003e syscall=4 success=no exit=-13 a0=21ac2f0 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=7ffee0e4f410 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:281): avc: denied { getattr } for pid=13643 comm="df" path="/dev/hugepages" dev="hugetlbfs" ino=12247 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:hugetlbfs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:281): arch=c000003e syscall=4 success=no exit=-13 a0=21ac3a0 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=7ffee0e4f410 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:282): avc: denied { getattr } for pid=13643 comm="df" path="/proc/fs/nfsd" dev="nfsd" ino=1 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:nfsd_fs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:282): arch=c000003e syscall=4 success=no exit=-13 a0=21ac580 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:283): avc: denied { getattr } for pid=13643 comm="df" path="/boot/efi" dev="sda1" ino=1 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:dosfs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:283): arch=c000003e syscall=4 success=no exit=-13 a0=21ac6c0 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:284): avc: denied { search } for pid=13643 comm="df" name="nfs" dev="dm-2" ino=67307922 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:var_lib_nfs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:284): arch=c000003e syscall=4 success=no exit=-13 a0=21ac800 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:285): avc: denied { getattr } for pid=13643 comm="df" path="/misc" dev="autofs" ino=19975 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:autofs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:285): arch=c000003e syscall=4 success=no exit=-13 a0=21ac8a0 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:286): avc: denied { getattr } for pid=13643 comm="df" path="/net" dev="autofs" ino=21092 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:autofs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:286): arch=c000003e syscall=4 success=no exit=-13 a0=21ac940 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:287): avc: denied { getattr } for pid=13643 comm="df" path="/home" dev="autofs" ino=22589 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:autofs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:287): arch=c000003e syscall=4 success=no exit=-13 a0=21ac9e0 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:288): avc: denied { search } for pid=13643 comm="df" name="/" dev="autofs" ino=22589 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:autofs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.244:288): arch=c000003e syscall=4 success=no exit=-13 a0=21acb40 a1=7ffee0e4f740 a2=7ffee0e4f740 a3=2 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:289): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="dm-0" ino=64 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:fs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.244:289): arch=c000003e syscall=137 success=no exit=-13 a0=21ac1b0 a1=7ffee0e4ef40 a2=1 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.244:290): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="devtmpfs" ino=1025 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.244:290): arch=c000003e syscall=137 success=no exit=-13 a0=21ab4f0 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:291): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="tmpfs" ino=1141 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:291): arch=c000003e syscall=137 success=no exit=-13 a0=21ab630 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:292): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="tmpfs" ino=1143 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:292): arch=c000003e syscall=137 success=no exit=-13 a0=21ab770 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:293): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="tmpfs" ino=1144 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:293): arch=c000003e syscall=137 success=no exit=-13 a0=21ab810 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:294): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="cgroup" ino=1146 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:294): arch=c000003e syscall=137 success=no exit=-13 a0=21ab8b0 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:295): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="pstore" ino=1154 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:pstore_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:295): arch=c000003e syscall=137 success=no exit=-13 a0=21ab950 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:296): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="efivarfs" ino=1155 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:efivarfs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:296): arch=c000003e syscall=137 success=no exit=-13 a0=21ab9f0 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:297): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="cgroup" ino=1197 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:297): arch=c000003e syscall=137 success=no exit=-13 a0=21abaa0 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:298): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="cgroup" ino=1218 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:298): arch=c000003e syscall=137 success=no exit=-13 a0=21abb40 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:299): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="cgroup" ino=1230 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:299): arch=c000003e syscall=137 success=no exit=-13 a0=21abbe0 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:300): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="cgroup" ino=1250 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:300): arch=c000003e syscall=137 success=no exit=-13 a0=21abc90 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:301): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="cgroup" ino=1285 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:301): arch=c000003e syscall=137 success=no exit=-13 a0=21abd30 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:302): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="cgroup" ino=1295 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:302): arch=c000003e syscall=137 success=no exit=-13 a0=21abdd0 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:303): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="cgroup" ino=1309 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:303): arch=c000003e syscall=137 success=no exit=-13 a0=21abe80 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:304): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="cgroup" ino=1345 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:304): arch=c000003e syscall=137 success=no exit=-13 a0=21abf20 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:305): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="cgroup" ino=1358 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:305): arch=c000003e syscall=137 success=no exit=-13 a0=21abfc0 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:306): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="cgroup" ino=1367 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:306): arch=c000003e syscall=137 success=no exit=-13 a0=21ac060 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:307): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="configfs" ino=1558 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:configfs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:307): arch=c000003e syscall=137 success=no exit=-13 a0=21ac110 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:308): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="hugetlbfs" ino=12247 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:hugetlbfs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:308): arch=c000003e syscall=137 success=no exit=-13 a0=21ac3a0 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.245:309): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="nfsd" ino=1 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:nfsd_fs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.245:309): arch=c000003e syscall=137 success=no exit=-13 a0=21ac580 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.246:310): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="sda2" ino=64 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:fs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.246:310): arch=c000003e syscall=137 success=no exit=-13 a0=21ac620 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.246:311): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="sda1" ino=1 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:dosfs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.246:311): arch=c000003e syscall=137 success=no exit=-13 a0=21ac6c0 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.246:312): avc: denied { getattr } for pid=13643 comm="df" name="/" dev="dm-2" ino=64 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:fs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1496255372.246:312): arch=c000003e syscall=137 success=no exit=-13 a0=21ac760 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1496255372.246:313): avc: denied { search } for pid=13643 comm="df" name="/" dev="autofs" ino=22589 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:autofs_t:s0 tclass=dir
type=SYSCALL msg=audit(1496255372.246:313): arch=c000003e syscall=137 success=no exit=-13 a0=21acb40 a1=7ffee0e4ef40 a2=7ffee0e4f270 a3=7ffee0e4ee00 items=0 ppid=3327 pid=13643 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="df" exe="/usr/bin/df" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)

Actions
Copy link
 #1

Updated by Eric Helms almost 7 years ago

  • translation missing: en.field_release set to 258
Actions
Copy link
 #2

Updated by Justin Sherrill almost 7 years ago

  • Category set to SElinux
  • translation missing: en.field_release changed from 258 to 267
Actions
Copy link
 #3

Updated by Justin Sherrill almost 7 years ago

  • translation missing: en.field_release changed from 267 to 281
Actions
Copy link
 #4

Updated by Eric Helms over 6 years ago

  • translation missing: en.field_release changed from 281 to 286
Actions
Copy link
 #5

Updated by Eric Helms over 6 years ago

  • Status changed from New to Assigned
  • Assignee set to Eric Helms
Actions
Copy link
 #6

Updated by Eric Helms over 6 years ago

  • Status changed from Assigned to Need more information

I am not seeing this when using Katello 3.4.4 (which has Pulp 2.13.2). Can you re-test this on latest? If you still see it, give us more insight into anything special with your environment setup?

Actions
Copy link
 #7

Updated by Tony Coffman over 6 years ago

Just did the update to 3.4.4 and it looks the same.

katello-3.4.4-2.el7.noarch
katello-selinux-3.0.2-1.el7.noarch
pulp-selinux-2.13.2-1.el7.noarch

I'm not sure what kind of environmental factors could affect this. It's failing trying to run the df command on the filesystems that are local to the smart proxy. Putting SELINUX into permissive mode allows the smart proxy overview page to display the info normally.

One thing I should clarify that may shed some light on this - I don't get this when I load the smart proxy overview page for a stand alone content smart proxy (doing that works normally). I only get this when I try to view the details for the smart proxy that is colocated on the Foreman master server.

Actions
Copy link
 #8

Updated by Eric Helms over 6 years ago

  • translation missing: en.field_release changed from 286 to 295
Actions
Copy link
 #9

Updated by Tony Coffman almost 6 years ago

Tested this on 3.6.0 and this issue is resolved.

Actions
Copy link
 #10

Updated by Ewoud Kohl van Wijngaarden over 5 years ago

  • Status changed from Need more information to Resolved
  • Triaged changed from Yes to No
Actions
Copy link
 #11

Updated by Andrew Kofink over 5 years ago

  • Target version deleted (Katello 3.4.6)
  • Triaged changed from No to Yes
  • Fixed in Releases Katello 3.6.1 added
Actions
Copy link

Also available in: Atom PDF