RHSC - collectd executing "/sbin/ethtool bonding_master" triggers SELinux alert
Issue
- on Ceph nodes with bond network device and enabled SELinux, collectd service triggers following SELinux alert
sudo[4781]: skyring-user : TTY=unknown ; PWD=/var/lib/collectd ; USER=root ; COMMAND=/sbin/ethtool bonding_masters
collectd[5786]: exec plugin: exec_read_one: error = sudo: unable to send audit message: Permission denied
sudo[4781]: PAM audit_log_acct_message() failed: Permission denied
collectd[5786]: exec plugin: exec_read_one: error = Cannot get device settings: No such device
type=AVC msg=audit(1493119958.656:199): avc: denied { module_request } for pid=4782 comm="ethtool" kmod="netdev-bonding_masters" scontext=system_u:system_r:collectd_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system
Environment
- Red Hat Storage Console 2
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
