Bug #28252
closedSELinux denials when connecting to cockpit using REX
Description
Description of problem:
Accessing remote host's cockpit through REX fails because of selinux.
Relevant part of audit.log:
type=PROCTITLE msg=audit(11/08/2019 15:39:58.491:137) : proctitle=/usr/libexec/cockpit-ws --no-tls --address 127.0.0.1 --port 19090
type=SYSCALL msg=audit(11/08/2019 15:39:58.491:137) : arch=x86_64 syscall=execve success=no exit=EACCES a0=0x55bbcb1cd5d0 a1=0x7ffd922d5640 a2=0x55bbcb1e1a30 a3=0x7ffd922d4d60 items=0 ppid=759 pid=8965 auid=unset uid=foreman gid=foreman euid=foreman suid=foreman fsuid=foreman egid=foreman sgid=foreman fsgid=foreman tty=(none) ses=unset comm=cockpit-ws exe=/usr/libexec/cockpit-ws subj=system_u:system_r:cockpit_ws_t:s0 key=(null)
type=AVC msg=audit(11/08/2019 15:39:58.491:137) : avc: denied { execute } for pid=8965 comm=cockpit-ws name=foreman-cockpit-session dev="vda1" ino=2231612 scontext=system_u:system_r:cockpit_ws_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=file
Updated by The Foreman Bot almost 5 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman-selinux/pull/95 added
Updated by Anonymous almost 5 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset b19486f2301c7a2a2f820cf8fd70273532db5581.
Updated by The Foreman Bot almost 5 years ago
- Pull request https://github.com/theforeman/foreman-selinux/pull/96 added
Updated by Tomer Brisker almost 5 years ago
- Fixed in Releases 1.24.0 added
- Fixed in Releases deleted (
2.0.0)
Updated by The Foreman Bot almost 5 years ago
- Pull request https://github.com/theforeman/foreman-selinux/pull/97 added
Updated by The Foreman Bot almost 5 years ago
- Pull request https://github.com/theforeman/foreman-selinux/pull/98 added