Project

General

Profile

Actions
Copy link

Bug #16270

closed

avc: denied { chown } for pid=31296 comm="radosgw" capability=0 scontext=system_u:system_r:ceph_t:s0 tcontext=system_u:system_r:ceph_t:s0 tclass=capability

Added by Yuri Weinstein almost 8 years ago. Updated almost 8 years ago.

Status:
Duplicate
Priority:
Urgent
Assignee:
-
Target version:
-
% Done:

0%

Source:
Q/A
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

Run: http://pulpito.ceph.com/teuthology-2016-06-12_02:50:02-ceph-deploy-jewel-distro-basic-mira/
Job: 254140
Logs: http://qa-proxy.ceph.com/teuthology/teuthology-2016-06-12_02:50:02-ceph-deploy-jewel-distro-basic-mira/254140/teuthology.log

2016-06-12T03:39:36.671 DEBUG:teuthology.task.selinux:ubuntu@mira061.front.sepia.ceph.com has 1 denials
2016-06-12T03:39:36.671 INFO:teuthology.orchestra.run.mira112:Running: 'sudo grep \'avc: .*denied\' /var/log/audit/audit.log | grep -v \'\\(comm="dmidecode"\\|chronyd.service\\|name="cephtest"\\|scontext=system_u:system_r:nrpe_t:s0\\|scontext=system_u:system_r:pcp_pmlogger_t\\|scontext=system_u:system_r:pcp_pmcd_t:s0\\)\''
2016-06-12T03:39:36.769 ERROR:teuthology.run_tasks:Manager failed: selinux
Traceback (most recent call last):
  File "/home/teuthworker/src/teuthology_master/teuthology/run_tasks.py", line 139, in run_tasks
    suppress = manager.__exit__(*exc_info)
  File "/home/teuthworker/src/teuthology_master/teuthology/task/__init__.py", line 134, in __exit__
    self.teardown()
  File "/home/teuthworker/src/teuthology_master/teuthology/task/selinux.py", line 144, in teardown
    self.get_new_denials()
  File "/home/teuthworker/src/teuthology_master/teuthology/task/selinux.py", line 192, in get_new_denials
    denials=new_denials[remote.name])
SELinuxError: SELinux denials found on ubuntu@mira061.front.sepia.ceph.com: ['type=AVC msg=audit(1465727407.811:4247): avc:  denied  { chown } for  pid=31296 comm="radosgw" capability=0  scontext=system_u:system_r:ceph_t:s0 tcontext=system_u:system_r:ceph_t:s0 tclass=capability']
2016-06-12T03:39:36.769 DEBUG:teuthology.run_tasks:Unwinding manager pcp

Related issues 1 (0 open1 closed)

Is duplicate of rgw - Bug #16126: selinux denials in RGWResolvedBoris Ranto06/02/2016

Actions
Actions
Copy link
 #1

Updated by Yuri Weinstein almost 8 years ago

  • Description updated (diff)
Actions
Copy link
 #2

Updated by Yuri Weinstein almost 8 years ago

  • Backport deleted (2016-06-12T03:39:36.671 DEBUG:teuthology.task.selinux:ubuntu@mira061.front.sepia.ceph.com has 1 denials 2016-06-12T03:39:36.671 INFO:teuthology.orchestra.run.mira112:Running: 'sudo grep \'avc: .*denied\' /var/log/audit/audit.log | grep -v \'\\(comm="dmidecode"\\|chronyd.service\\|name="cephtest"\\|scontext=system_u:system_r:nrpe_t:s0\\|scontext=system_u:system_r:pcp_pmlogger_t\\|scontext=system_u:system_r:pcp_pmcd_t:s0\\)\'' 2016-06-12T03:39:36.769 ERROR:teuthology.run_tasks:Manager failed: selinux Traceback (most recent call last): File "/home/teuthworker/src/teuthology_master/teuthology/run_tasks.py", line 139, in run_tasks suppress = manager.__exit__(*exc_info) File "/home/teuthworker/src/teuthology_master/teuthology/task/__init__.py", line 134, in __exit__ self.teardown() File "/home/teuthworker/src/teuthology_master/teuthology/task/selinux.py", line 144, in teardown self.get_new_denials() File "/home/teuthworker/src/teuthology_master/teuthology/task/selinux.py", line 192, in get_new_denials denials=new_denials[remote.name]) SELinuxError: SELinux denials found on ubuntu@mira061.front.sepia.ceph.com: ['type=AVC msg=audit(1465727407.811:4247): avc: denied { chown } for pid=31296 comm="radosgw" capability=0 scontext=system_u:system_r:ceph_t:s0 tcontext=system_u:system_r:ceph_t:s0 tclass=capability'] 2016-06-12T03:39:36.769 DEBUG:teuthology.run_tasks:Unwinding manager pcp)
Actions
Copy link
 #3

Updated by Yuri Weinstein almost 8 years ago

  • Description updated (diff)
Actions
Copy link
 #4

Updated by Yuri Weinstein almost 8 years ago

  • Project changed from Ceph to sepia
  • Assignee set to David Galloway
Actions
Copy link
 #5

Updated by Zack Cerza almost 8 years ago

  • Project changed from sepia to rgw
  • Subject changed from "SELinux denials found on ubuntu@mira061.front.sepia.ceph.com" in ceph-deploy-jewel-distro-basic-mira to avc: denied { chown } for pid=31296 comm="radosgw" capability=0 scontext=system_u:system_r:ceph_t:s0 tcontext=system_u:system_r:ceph_t:s0 tclass=capability
  • Assignee deleted (David Galloway)

This is rgw, not sepia

Actions
Copy link
 #6

Updated by Nathan Cutler almost 8 years ago

  • Related to Bug #16126: selinux denials in RGW added
Actions
Copy link
 #7

Updated by Nathan Cutler almost 8 years ago

I added relates to #16126, but maybe it should be "duplicates".

Actions
Copy link
 #8

Updated by Orit Wasserman almost 8 years ago

  • Status changed from New to Duplicate

duplicate #16126

Actions
Copy link
 #9

Updated by Nathan Cutler almost 8 years ago

  • Related to deleted (Bug #16126: selinux denials in RGW)
Actions
Copy link
 #10

Updated by Nathan Cutler almost 8 years ago

  • Is duplicate of Bug #16126: selinux denials in RGW added
Actions
Copy link

Also available in: Atom PDF