cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
437
Views
0
Helpful
0
Replies
shellye
Beginner

CSCve30350 - SELinux is preventing CTIManager from access to PKI folder

Hello Everyone!

We have a customer that experienced CTI Connection error on Cisco Jabber in the middle of the day.
Jabber client had to log out and then login again in order to restore the CTI connection to the primary CTI node.

 

 - On the primary CUCM CTI provider node, CTI Manager service did not stop, the service was up and running.

 - Around the same time, the primary CUCM CTI provider node experienced high CPU (~87%) with cmoninit process (40%).

 - There are no CTIManager logs from the primary node at the same time. However, there are CTIManager logs on the second and the third nodes.

After looking at the logs, I have noticed the log below:

Screenshot_10.png

 

 

 

 

 

 

 

 

 

 

 

 

We are getting a large number of errors all the time on all three CTI providers nodes, and CPU spikes sometimes.

 

 - I have found this bug (CSCve30350), but the problem is that we are not using LDAP SSL Authentication.

 - I am wondering if these errors are impacting overall CUCM performance, which caused high CPU utilization and CTI disconnections.

 - I would like to know if configuring SELinux to permissive mode will solve the problem (utils os secure permissive), and if so, it may impact production environment?

 - CUCM Version: 11.5.1.12900-21

 

Any advice will be very appreciated!!

0 REPLIES 0