Обсуждение: BUG #3126: Kernel audit Problem
The following bug has been logged online:
Bug reference: 3126
Logged by: Balaji.S
Email address: balajisundar@midascomm.com
PostgreSQL version: 7.4.8-1
Operating system: Red Hat Enterprise Linux ES release 4 (Nahant Update 3)
Description: Kernel audit Problem
Details:
Completed the RHEL installation after reboot Postgresql Service is not
started.I am starting service Postgresql using (service postgresql start)
command
i am receiving this error message on the screen(ie.
Jan 7 07:20:23 corems kernel: audit(1010368223.881:0): avc: denied { read
} for pid=3634 exe=/usr/bin/postgres path=/tmp/sh-thd-1010339898 (deleted)
dev=hda1 ino=64169 scontext=user_u:system_r:postgresql_t
tcontext=user_u:object_r:tmp_t tclass=file
Jan 7 07:20:23 corems kernel: audit(1010368223.893:0): avc: denied { read
} for pid=3634 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:24 corems kernel: audit(1010368224.191:0): avc: denied { read
} for pid=3635 exe=/usr/bin/postgres path=/tmp/sh-thd-1010341041 (deleted)
dev=hda1 ino=64169 scontext=user_u:system_r:postgresql_t
tcontext=user_u:object_r:tmp_t tclass=file
Jan 7 07:20:24 corems kernel: audit(1010368224.203:0): avc: denied { read
} for pid=3635 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:24 corems kernel: audit(1010368224.480:0): avc: denied { read
} for pid=3636 exe=/usr/bin/postgres path=/tmp/sh-thd-1010359030 (deleted)
dev=hda1 ino=64169 scontext=user_u:system_r:postgresql_t
tcontext=user_u:object_r:tmp_t tclass=file
Jan 7 07:20:24 corems kernel: audit(1010368224.492:0): avc: denied { read
} for pid=3636 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:24 corems kernel: audit(1010368224.514:0): avc: denied { read
} for pid=3637 exe=/usr/bin/postgres path=/tmp/sh-thd-1010342188 (deleted)
dev=hda1 ino=64169 scontext=user_u:system_r:postgresql_t
tcontext=user_u:object_r:tmp_t tclass=file
Jan 7 07:20:24 corems kernel: audit(1010368224.525:0): avc: denied { read
} for pid=3637 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:24 corems kernel: audit(1010368224.579:0): avc: denied { read
} for pid=3639 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:25 corems kernel: audit(1010368225.416:0): avc: denied { read
} for pid=3641 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:26 corems kernel: audit(1010368226.554:0): avc: denied { read
} for pid=3643 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:27 corems kernel: audit(1010368227.547:0): avc: denied { read
} for pid=3644 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:28 corems kernel: audit(1010368228.198:0): avc: denied { read
} for pid=3667 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:28 corems kernel: audit(1010368228.204:0): avc: denied { read
} for pid=3667 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:29 corems postgresql: Starting postgresql service: succeeded
Jan 7 07:20:32 corems kernel: audit(1010368232.687:0): avc: denied { read
} for pid=3753 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:32 corems kernel: audit(1010368232.697:0): avc: denied { read
} for pid=3753 exe=/usr/bin/postgres name=group dev=hda1 ino=64131
scontext=user_u:system_r:postgresql_t tcontext=user_u:object_r:tmp_t
tclass=file
Jan 7 07:20:33 corems postgresql: Starting postgresql service: succeeded
)
After error messages service started successfully.how can i start the
service without error messages on screen
Please Help me to solve this Problem
Regards
S.Balaji
Balaji.S wrote:
>
> The following bug has been logged online:
>
> Bug reference: 3126
> Logged by: Balaji.S
> Email address: balajisundar@midascomm.com
> PostgreSQL version: 7.4.8-1
> Operating system: Red Hat Enterprise Linux ES release 4 (Nahant Update 3)
> Description: Kernel audit Problem
> Details:
>
> Completed the RHEL installation after reboot Postgresql Service is not
> started.I am starting service Postgresql using (service postgresql start)
> command
> i am receiving this error message on the screen(ie.
>
> Jan 7 07:20:23 corems kernel: audit(1010368223.881:0): avc: denied { read
> } for pid=3634 exe=/usr/bin/postgres path=/tmp/sh-thd-1010339898 (deleted)
> dev=hda1 ino=64169 scontext=user_u:system_r:postgresql_t
> tcontext=user_u:object_r:tmp_t tclass=file
This is a SELinux misconfiguration problem.
--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
"Balaji.S" <balajisundar@midascomm.com> writes:
> PostgreSQL version: 7.4.8-1
> Operating system: Red Hat Enterprise Linux ES release 4 (Nahant Update 3)
> Description: Kernel audit Problem
7.4.8-1 is quite old, and I suspect your selinux-policy package is too.
You need some combination of these actions:
* update to a current Postgres package
* update to a current selinux-policy package
* run restorecon on the postgres files to get them labeled
properly according to the updated policy
* re-initdb, if you were bit by
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=149237
regards, tom lane