Guest

Preview Tool

Cisco Bug: CSCvu58134 - In CVIM 3.4.4 Modified file permissions from fluentd on btmp causing sellinux to prevent file access

Last Modified

Jul 29, 2020

Products (1)

  • Cisco Virtualized Infrastructure Manager

Known Affected Releases

3.4(4)

Description (partial)

Symptom:
In a CVIM compute node (RHEL 7.6) /var/log/messages the following log is repeatedly observed.


Jun  9 13:08:03 cp3 python: SELinux is preventing /usr/sbin/sshd from read access on the file btmp.#012#012*****  Plugin catchall (100. confidence) suggests   **************************#012#012If you believe that sshd should be allowed read access on the btmp file by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'sshd' --raw | audit2allow -M my-sshd#012# semodule -i my-sshd.pp#012

Conditions:
This occurs a number of days post CVIM installation during log rotation.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.