Short tip: osad: Unable to connect to the host and port specified (EL6.6 + EL7)

Hint from january 2015: the bug has been fixed in the meantime.

I found out that it is currently (11/01/2014) impossible to run osad (Open Source Architecture Daemon) with SELinux enabled on EL6.6 and EL7 systems. The following error message can be seen while starting the service:

# service osad restart
Shutting down osad:                                        [  OK  ]
Starting osad: 2014-11-01 12:23:57 osad._setup_config: Updating configuration
2014-11-01 12:23:57 osad._setup_config: Time drift 0
2014-11-01 12:23:57 osad._setup_config: Client name ...
2014-11-01 12:23:57 osad._setup_config: Shared key ...
2014-11-01 12:23:57 jabber_lib.setup_connection: Connecting to spacewalk.localdomain.loc
2014-11-01 12:23:57 jabber_lib._get_jabber_client:
2014-11-01 12:23:57 jabber_lib._get_jabber_client: Connecting to spacewalk.localdomain.loc
2014-11-01 12:23:57 jabber_lib.__init__:
2014-11-01 12:23:57 jabber_lib.__init__:
2014-11-01 12:23:57 jabber_lib.connect:
Error connecting to jabber server: Unable to connect to the host and port specified
2014-11-01 12:23:57 jabber_lib.main: Unable to connect to jabber servers, sleeping 60 seconds
2014-11-01 12:23:57 jabber_lib.push_to_background: Pushing process into background

After I spent much time on analyzing the Spacewalk and jabber server I remembered that my colleague Johannes had the same issue the other day. Red Hat Support named the following workaround:

# semanage permissive -a osad_t
# service osad restart
2014-11-01 12:59:49 jabber_lib.setup_connection: Connected to jabber server spacewalk.localdomain.loc
2014-11-01 12:59:49 jabber_lib.push_to_background: Pushing process into background

It seems like there is currently an error in the SELinux configuration of osad – this bug prohibits the communication with the Jabber service of Spacewalk, Red Hat Satellite or SUSE Manager. The workaround sets the SELinux domain osad_t into permissive mode – this means that rule violations are documented but not oppressed. Red Hat is working on a fix.

Sharing is caring

Leave a Reply