[Satellite6] SELinux is blocking the syncronization process when /var/lib/pulp directory is mounted over NFS

Solution Verified - Updated -

Issue

  • SELinux is blocking the synchronization process when /var/lib/pulp directory is mounted over NFS on Red Hat Satellite 6.
type=AVC msg=audit(1411589239.296:568): avc:  denied  { getattr } for  pid=17866 comm="httpd" path="/var/lib/pulp" dev=0:17 ino=2 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:nfs_t:s0 tclass=dir
type=SYSCALL msg=audit(1411589239.296:568): arch=c000003e syscall=4 success=no exit=-13 a0=7fe950005320 a1=7fe9657f56f0 a2=7fe9657f56f0 a3=20 items=0 ppid=17787 pid=17866 auid=0 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=8 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null)
  • After setting setsebool to allow nfs http still getting celery errors in /var/log/audit/audit.log

Environment

  • Red Hat Satellite 6.x
  • Pulp Contents in NFS Share (/var/lib/pulp)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content