Guest

Preview Tool

Cisco Bug: CSCun79052 - Unity: SeLinux Denials on Server Reboot

Last Modified

May 26, 2016

Products (1)

  • Cisco Unity Connection

Known Affected Releases

10.0(1)ES1

Description (partial)

Symptom:
Security Enhanced Linux (SELinux) Policy modules are missing. This is causing ''denial'' message to be displayed when the system boots.


The following denials occur on server restart:

Mar 17 15:10:37 CUCXN-C089-PUB kern 5 kernel:type=1400 audit(1395083437.723:32131): avc:  denied  { getattr } for  pid=27421 comm="ps" path="/proc/2680" dev=proc ino=57260 scontext=system_u:system_r:init_t:s0 tcontext=system_u:system_r:cuc_snmp_t:s0-s0:c0.c1023 tclass=dir

Mar 17 15:16:00 CUCXN-C089-PUB kern 5 kernel:type=1400 audit(1395083760.370:29882): avc:  denied  { getcap } for  pid=25600 comm="tomcat" scontext=system_u:system_r:tomcatd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:tomcatd_t:s0-s0:c0.c1023 tclass=process

Mar 17 15:19:07 CUCXN-C089-PUB kern 5 kernel:type=1400 audit(1395083947.697:29885): avc:  denied  { getattr } for  pid=13112 comm="ps" path="/proc/31585" dev=proc ino=32207 scontext=system_u:system_r:cuc_jetty_t:s0-s0:c0.c1023 tcontext=remotesupport_u:sysadm_r:sysadm_sudo_t:s0-s0:c0.c1023 tclass=dir

Mar 17 15:20:09 CUCXN-C089-PUB kern 5 kernel:type=1400 audit(1395084009.034:29886): avc:  denied  { getattr } for  pid=28764 comm="ps" path="/proc/31585" dev=proc ino=32207 scontext=system_u:system_r:cuc_jetty_t:s0-s0:c0.c1023 tcontext=remotesupport_u:sysadm_r:sysadm_sudo_t:s0-s0:c0.c1023 tclass=dir

Mar 17 15:20:09 CUCXN-C089-PUB kern 5 kernel:type=1400 audit(1395084009.138:29887): avc:  denied  { getattr } for  pid=28776 comm="ps" path="/proc/31585" dev=proc ino=32207 scontext=system_u:system_r:cuc_jetty_t:s0-s0:c0.c1023 tcontext=remotesupport_u:sysadm_r:sysadm_sudo_t:s0-s0:c0.c1023 tclass=dir

Mar 17 15:20:26 CUCXN-C089-PUB kern 5 kernel:type=1400 audit(1395084026.251:29888): avc:  denied  { read } for  pid=11582 comm="CuImapSvr" name="cert.pem" dev=sda2 ino=531485 scontext=system_u:system_r:cuc_imap_t:s0-s0:c0.c1023 tcontext=system_u:object_r:cert_t:s0 tclass=lnk_file

Conditions:
None
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.