Hi, On Fri, Jan 5, 2018 at 3:33 AM, Paul-Andre Panon < [email protected]> wrote:
> Sigh one more correction. It was probably this post > https://www.redhat.com/archives/spacewalk-list/2017-November/msg00035.html, > and not endpoint blog link, which gave me the hint that there may be > additional issues between SELinux and SW 2.7 that had not yet been > addressed. > Thanks for ideas. It still seems to be SELinux issue with 2.7, although there is nothing added to /var/log/audit/audit.log anymore. If I do 'setenforce 0', login works just fine. With SELinux enabled, login fails and I get occasionally to /var/log/messages: Jan 5 13:50:31 setroubleshoot: SELinux is preventing java from nlmsg_relay access on the netlink_audit_socket Unknown. For complete SELinux messages run: sealert <id> $ sudo sealert -l <id> SELinux is preventing java from nlmsg_relay access on the netlink_audit_socket Unknown. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that java should be allowed nlmsg_relay access on the Unknown netlink_audit_socket by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'java' --raw | audit2allow -M my-java # semodule -i my-java.pp BR, -- Olli Rajala Finland
_______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
