Open mbukatov opened 7 years ago
Actually, this seems to be caused by https://github.com/Tendrl/tendrl-ansible/issues/58. I will update the status of this issue when tendrl-ansible is fixed.
Update: even with tendrl-collectd-selinux-1.5.3-20171013T090621.ffb1b7f
installed, I see some collectd related avc denials. See the updated gist: https://gist.github.com/mbukatov/c76c5832c495ebc6d3eeffa09d27a386
I have updated the description of this issue as well.
Description
After a cluster is imported and tendrl starts to monitor it, there are many avc denials in audit log on machines of the monitored cluster.
Version
I'm using latest snapshot builds from master branch.
Packages on Tendrl Storage machine:
Steps to Reproduce
ausearch -m avc
.Note: step 2 means that I'm using SELinux targetted policy in permissive mode, with all tendrl selinux packages installed.
Actual Results
There are many avc denials in audit log. And large part of that is related to collectd:
See full output of
ausearch -m avc
here: https://gist.github.com/mbukatov/c76c5832c495ebc6d3eeffa09d27a386Since all messages are included there, we can ignore the ones cased by gluster itself (eg. when exe="/usr/sbin/glusterfsd"), as those are out of scope of tendrl-selinux.
Expected Results
There are no avc messages related to collect or any other tendrl monitoring component.