Hi, We had working PAM authentication in our Spacewalk 2.6 running on CentOS 7.4.1708, and it was updated + rebooted today. After some update during autumn PAM authentication stopped working. Unfortunately I can't be more specific. I know when it worked (24.7.2017), but not when it stopped. Another instance of Spacewalk 2.6 on CentOS 6.9 seems to work just fine, so this is related to CentOS 7.
The issue is the same as described in this post: https://www.redhat.com/archives/spacewalk-list/2017-September/msg00007.html Raw Audit Messages type=AVC msg=audit(1514881078.526:6091): avc: denied { create } for pid=1037 comm="java" scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:system_r:tomcat_t:s0 tclass=netlink_audit_socket SELinux is preventing /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.144-0.b01.el7_4.x86_64/jre/bin/java from getattr access on the direry /var/log/rhn. $ rpm -qa | grep spacewalk-selinux spacewalk-selinux-2.3.2-1.el7.noarch Any ideas? Disabling SELinux is not a possibility. Luckily we can login with local accounts, but would prefer PAM authentication. BR, -- Olli Rajala Finland
_______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
