Hint from january 2015: the bug has been fixed in the meantime.
I found out that it is currently (11/01/2014) impossible to run osad (Open Source Architecture Daemon) with SELinux enabled on EL6.6 and EL7 systems. The following error message can be seen while starting the service:
# service osad restart Shutting down osad: [ OK ] Starting osad: 2014-11-01 12:23:57 osad._setup_config: Updating configuration 2014-11-01 12:23:57 osad._setup_config: Time drift 0 2014-11-01 12:23:57 osad._setup_config: Client name ... 2014-11-01 12:23:57 osad._setup_config: Shared key ... 2014-11-01 12:23:57 jabber_lib.setup_connection: Connecting to spacewalk.localdomain.loc 2014-11-01 12:23:57 jabber_lib._get_jabber_client: 2014-11-01 12:23:57 jabber_lib._get_jabber_client: Connecting to spacewalk.localdomain.loc 2014-11-01 12:23:57 jabber_lib.__init__: 2014-11-01 12:23:57 jabber_lib.__init__: 2014-11-01 12:23:57 jabber_lib.connect: Error connecting to jabber server: Unable to connect to the host and port specified 2014-11-01 12:23:57 jabber_lib.main: Unable to connect to jabber servers, sleeping 60 seconds 2014-11-01 12:23:57 jabber_lib.push_to_background: Pushing process into background
After I spent much time on analyzing the Spacewalk and jabber server I remembered that my colleague Johannes had the same issue the other day. Red Hat Support named the following workaround:
# semanage permissive -a osad_t # service osad restart 2014-11-01 12:59:49 jabber_lib.setup_connection: Connected to jabber server spacewalk.localdomain.loc 2014-11-01 12:59:49 jabber_lib.push_to_background: Pushing process into background
It seems like there is currently an error in the SELinux configuration of osad – this bug prohibits the communication with the Jabber service of Spacewalk, Red Hat Satellite or SUSE Manager. The workaround sets the SELinux domain osad_t into permissive mode – this means that rule violations are documented but not oppressed. Red Hat is working on a fix.