Daniel J Walsh wrote:
On 09/13/2012 04:44 PM, m.roth@5-cent.us wrote:
Daniel J Walsh wrote:
On 09/13/2012 03:24 PM, m.roth@5-cent.us wrote:
CentOS 6.3. *Just* updated, including most current selinux-policy and selinux-policy-targeted. I'm getting tons of these, as in it's just spitting them out when I tail -f /var/log/messages:

Sep 13 15:20:51 <server> setroubleshoot: SELinux is preventing /bin/ps from search access on the directory @2. For complete SELinux messages. run sealert -l d92ec78b-3897-4760-93c5-343a662fec67
<snip>
> What are the AVCs you are seeing? What domain is running the ps command?
I've turned down auditd to *try* to cut down some of the garbage in the logs, but I still see things like:

Sep 13 16:04:02 <server> kernel: type=1400 audit(1347566642.053:96703): avc: denied { search } for pid=9835 comm="ps" name="3647" dev=proc ino=20207 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=dir
You running passenger?
Let me guess: I just googled passenger and selinux, and I see a number of hits to

    grep httpd /var/log/audit/audit.log | audit2allow -M passenger

then

    semodule -i passenger.pp
Looking in the .te, there's a *lot* of allows....
mark
selinux@lists.fedoraproject.org
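
An added example, not part of the thread or of any project's code: before loading a module built with audit2allow, the denials feeding it can be collapsed into the distinct allow rules they imply, so each rule is reviewed rather than accepted in bulk. The first sample line is the denial quoted in the thread; the other three are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Line 1 is the denial quoted in the thread; lines 2-4 are constructed samples.
SAMPLE_LOG = """\
Sep 13 16:04:02 <server> kernel: type=1400 audit(1347566642.053:96703): avc: denied { search } for pid=9835 comm="ps" name="3647" dev=proc ino=20207 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=dir
Sep 13 16:04:02 <server> kernel: type=1400 audit(1347566642.054:96704): avc: denied { read open } for pid=9835 comm="ps" name="stat" dev=proc ino=20210 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=file
Sep 13 16:04:03 <server> kernel: type=1400 audit(1347566643.011:96705): avc: denied { getattr } for pid=9840 comm="ps" name="2210" dev=proc ino=18001 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tclass=dir
Sep 13 16:04:03 <server> kernel: type=1400 audit(1347566643.012:96706): avc: denied { search } for pid=9840 comm="ps" name="2210" dev=proc ino=18001 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tclass=dir
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{([^}]*)\}.*?\bscontext=(\S+)\s+tcontext=(\S+)\s+tclass=(\w+)"
)

def selinux_type(context):
    """Return the type field of user:role:type[:range]; the range may hold colons."""
    return context.split(":")[2]

def summarize(log_text, source_type=None):
    """Group denied permissions by (source type, target type, object class)."""
    rules = defaultdict(set)
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue  # not an AVC denial
        perms, scon, tcon, tclass = m.groups()
        src = selinux_type(scon)
        if source_type and src != source_type:
            continue  # matching on the type is stricter than a plain grep for "httpd"
        rules[(src, selinux_type(tcon), tclass)].update(perms.split())
    return dict(rules)

def as_allow_rules(rules):
    """Render the grouped denials in the form a generated .te file would grant them."""
    out = []
    for (src, tgt, cls), perms in sorted(rules.items()):
        p = sorted(perms)
        perm_str = p[0] if len(p) == 1 else "{ " + " ".join(p) + " }"
        out.append(f"allow {src} {tgt}:{cls} {perm_str};")
    return out

if __name__ == "__main__":
    for rule in as_allow_rules(summarize(SAMPLE_LOG, source_type="httpd_t")):
        print(rule)
```

Each printed line is a grant the web server domain would receive over another domain's /proc entries, which is the list to read through before running semodule -i.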