Afify, Sherif S (IBS): > Also the /var/log/audit/audit.log show the below error > > > type=AVC msg=audit(1522929930.084:173): avc: denied { search } for > pid=13523 comm="java" name="/" dev="loop0" ino=1856 > scontext=system_u:system_r:tomcat_t:s0 > tcontext=system_u:object_r:iso9660_t:s0 tclass=dir > type=SYSCALL msg=audit(1522929930.084:173): arch=c000003e syscall=4 > success=no exit=-13 a0=7fbc04144aa0 a1=7fbbf42c9c90 a2=7fbbf42c9c90 a3=5 > items=0 ppid=1 pid=13523 auid=4294967295 uid=91 gid=91 euid=91 suid=91 > fsuid=91 egid=91 sgid=91 fsgid=91 tty=(none) ses=4294967295 comm="java" > exe="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.161-0.b14.el7_4.x86_64/jre/bin/java" > subj=system_u:system_r:tomcat_t:s0 key=(null) > type=PROCTITLE msg=audit(1522929930.084:173): > proctitle=2F7573722F6C69622F6A766D2F6A72652F62696E2F6A617661002D6561002D586D733235366D002D586D783235366D002D446A6176612E6177742E686561646C6573733D74727565002D446F72672E786D6C2E7361782E6472697665723D6F72672E6170616368652E7865726365732E706172736572732E5341585061727365 > > -----Original Message----- > From: Afify, Sherif S (IBS) > Sent: Thursday, April 5, 2018 7:55 PM > To: spacewalk-list@redhat.com > Subject: Create Kickstart Distribution issue > > I am getting the below when I create new Kickstart Distribution from web > interface : > > The initrd could not be found at the specified location: > /var/distro-trees/centos7-x86_64-server/images/pxeboot/initrd.img > > What I did so far and didn't fix the issue : > > 1- set its SELinux file type as httpd_sys_content_t " /usr/sbin/semanage > fcontext -a -t httpd_sys_content_t "/var/distro-trees(/.*)?" " & > /sbin/restorecon -R -v /var/distro-trees > 2- 644 apache.apache for all files and 755 apache.root for all directories > > > Can you help me what exactly I am missing ?
Hello, Correct selinux label for kickstart tree is system_u:object_r:spacewalk_data_t:s0. E.g. # ll kickstart/ks-centos-x86_64-server-7-7.4/ -Z drwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 EFI -rwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 EULA -rwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 GPL drwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 LiveOS drwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 addons -rwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 discinfo -rwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 extra_files.json drwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 images drwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 isolinux -rwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 media.repo drwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 repodata -rwxr-x---. apache apache system_u:object_r:spacewalk_data_t:s0 treeinfo Regards, -- Michael Mráka System Management Engineering, Red Hat _______________________________________________ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list