Project

General

Profile

Bug #46424

[RGW]: avc denial observed for pid=13757 comm="radosgw" on starting RabbitMQ at port 5672

Added by Kaleb KEITHLEY 27 days ago. Updated 27 days ago.

Status:
Pending Backport
Priority:
Normal
Target version:
% Done:

0%

Source:
Tags:
Backport:
nautilus octopus
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature:

Description

https://bugzilla.redhat.com/show_bug.cgi?id=1854083On starting the RabbitMQ broker on port 5672, observed avc denied for pid=13757 comm="radosgw" at rabbitmq_port = 5672

logs:
------
type=USER_START msg=audit(1593512305.539:17041): pid=15297 uid=0 auid=0 ses=939 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_unix acct="rabbitmq" exe="/usr/sbin/runuser" hostname=buckeye.lab.eng.blr.redhat.com addr=? terminal=pts/0 res=success'
type=AVC msg=audit(1593512311.071:17042): avc: denied { name_connect } for pid=13757 comm="radosgw" dest=5672 scontext=system_u:system_r:ceph_t:s0 tcontext=system_u:object_r:amqp_port_t:s0 tclass=tcp_socket permissive=1

Similar results observed with http_server running at port 8000 :

logs:

type=AVC msg=audit(1593695762.198:18299): avc: denied { name_connect } for pid=13757 comm="http_manager" dest=8000 scontext=system_u:system_r:ceph_t:s0 tcontext=system_u:object_r:soundd_port_t:s0 tclass=tcp_socket permissive=1
type=SYSCALL msg=audit(1593695762.198:18299): arch=c000003e syscall=42 success=no exit=-115 a0=bb a1=7f3f496e4170 a2=10 a3=7f3f496e3a60 items=0 ppid=1 pid=13757 auid=4294967295 uid=167 gid=167 euid=167 suid=167 fsuid=167 egid=167 sgid=167 fsgid=167 tty=(none) ses=4294967295 comm="http_manager" exe="/usr/bin/radosgw" subj=system_u:system_r:ceph_t:s0 key=(null)

Version-Release number of selected component (if applicable):
ceph version 14.2.8-79.el7cp (2d4542a7b3632dd9a7b09b5700f711e8016a94fd) nautilus (stable)

Additional info:

Selinux is set to enforcing mode.


Related issues

Copied to rgw - Backport #46457: octopus: [RGW]: avc denial observed for pid=13757 comm="radosgw" on starting RabbitMQ at port 5672 In Progress
Copied to rgw - Backport #46458: nautilus: [RGW]: avc denial observed for pid=13757 comm="radosgw" on starting RabbitMQ at port 5672 Resolved

History

#2 Updated by Kaleb KEITHLEY 27 days ago

  • Backport set to nautilus octopus

#3 Updated by Casey Bodley 27 days ago

  • Status changed from In Progress to Pending Backport
  • Pull request ID set to 35983

#4 Updated by Nathan Cutler 25 days ago

  • Copied to Backport #46457: octopus: [RGW]: avc denial observed for pid=13757 comm="radosgw" on starting RabbitMQ at port 5672 added

#5 Updated by Nathan Cutler 25 days ago

  • Copied to Backport #46458: nautilus: [RGW]: avc denial observed for pid=13757 comm="radosgw" on starting RabbitMQ at port 5672 added

Also available in: Atom PDF