Short tip: osad: Unable to connect to the host and port specified (EL6.6 + EL7)

calendar Nov 1, 2014 · 2 min read · red-hat-satellite kurztipp spacewalk suse-manager  ·
Share on: linkedin copy

Hint from january 2015: the bug has been fixed in the meantime.

I found out that it is currently (11/01/2014) impossible to run osad (Open Source Architecture Daemon) with SELinux enabled on EL6.6 and EL7 systems. The following error message can be seen while starting the service:

 1# service osad restart
 2Shutting down osad:                                        [  OK  ]
 3Starting osad: 2014-11-01 12:23:57 osad._setup_config: Updating configuration
 42014-11-01 12:23:57 osad._setup_config: Time drift 0
 52014-11-01 12:23:57 osad._setup_config: Client name ...
 62014-11-01 12:23:57 osad._setup_config: Shared key ...
 72014-11-01 12:23:57 jabber_lib.setup_connection: Connecting to spacewalk.localdomain.loc
 82014-11-01 12:23:57 jabber_lib._get_jabber_client:
 92014-11-01 12:23:57 jabber_lib._get_jabber_client: Connecting to spacewalk.localdomain.loc
102014-11-01 12:23:57 jabber_lib.__init__:
112014-11-01 12:23:57 jabber_lib.__init__:
122014-11-01 12:23:57 jabber_lib.connect:
13Error connecting to jabber server: Unable to connect to the host and port specified
142014-11-01 12:23:57 jabber_lib.main: Unable to connect to jabber servers, sleeping 60 seconds
152014-11-01 12:23:57 jabber_lib.push_to_background: Pushing process into background

After I spent much time on analyzing the Spacewalk and jabber server I remembered that my colleague Johannes had the same issue the other day. Red Hat Support named the following workaround:

1# semanage permissive -a osad_t
2# service osad restart
32014-11-01 12:59:49 jabber_lib.setup_connection: Connected to jabber server spacewalk.localdomain.loc
42014-11-01 12:59:49 jabber_lib.push_to_background: Pushing process into background

It seems like there is currently an error in the SELinux configuration of osad - this bug prohibits the communication with the Jabber service of Spacewalk, Red Hat Satellite or SUSE Manager. The workaround sets the SELinux domain osad_t into permissive mode - this means that rule violations are documented but not oppressed. Red Hat is working on a fix.

Translations: