I'm only going to respond to SELinux parts of your post because I feel I have some knowledge in that.
On Mon, Feb 02, 2009 at 11:06:31AM -0500, [email protected] wrote: > Here's all that I did. I gave up after spending a couple hours trying to > debug the perl code.... > ********************* > This a) gets rid of wrapper not starting, and failing. > b) fixes selinux to let it all run. [...] > ######################################################### > Changes made to configurations: > Shut down selinux > http and oracle need policies added: > > #============= httpd_t ============== > allow httpd_t auditd_log_t:dir search; > allow httpd_t file_t:dir search; > allow httpd_t user_home_t:dir search; > #============= oracle_sqlplus_t ============== allow oracle_sqlplus_t > file_t:dir search; Can you please send the output of grep AVC /var/log/audit/audit.log ? Because these don't seem correct. Apache should not be looking at audit log, there shouldn't be any generic file_t directories around, etc. I've tested Spacewalk 0.4 pretty extensively and it should not produce any AVC denials if you do not use Spacewalk Proxy or monitoring. Please, also see https://fedorahosted.org/spacewalk/wiki/Features/SELinux which lists what the intended setup looks like -- it might help you to debug your server. -- Jan Pazdziora | adelton at #satellite*, #brno Satellite Engineering, Red Hat _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
