Project

General

Profile

Actions

Bug #28252

closed

SELinux denials when connecting to cockpit using REX

Added by Lukas Zapletal almost 5 years ago. Updated almost 5 years ago.

Status:
Closed
Priority:
Normal
Category:
-
Target version:
-

Description

Description of problem:
Accessing remote host's cockpit through REX fails because of selinux.

Relevant part of audit.log:

type=PROCTITLE msg=audit(11/08/2019 15:39:58.491:137) : proctitle=/usr/libexec/cockpit-ws --no-tls --address 127.0.0.1 --port 19090
type=SYSCALL msg=audit(11/08/2019 15:39:58.491:137) : arch=x86_64 syscall=execve success=no exit=EACCES a0=0x55bbcb1cd5d0 a1=0x7ffd922d5640 a2=0x55bbcb1e1a30 a3=0x7ffd922d4d60 items=0 ppid=759 pid=8965 auid=unset uid=foreman gid=foreman euid=foreman suid=foreman fsuid=foreman egid=foreman sgid=foreman fsgid=foreman tty=(none) ses=unset comm=cockpit-ws exe=/usr/libexec/cockpit-ws subj=system_u:system_r:cockpit_ws_t:s0 key=(null)
type=AVC msg=audit(11/08/2019 15:39:58.491:137) : avc: denied { execute } for pid=8965 comm=cockpit-ws name=foreman-cockpit-session dev="vda1" ino=2231612 scontext=system_u:system_r:cockpit_ws_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=file

Actions

Also available in: Atom PDF