Hi, folks - esp. Dan Walsh.
Started seeing this in a log: setroubleshoot: SELinux is preventing /usr/sbin/httpd from read access on the file /var/run/pcscd.pid. For complete SELinux messages. run sealert -l 7549ac41-0b77-49d5-9fd5-814506b6dbf5
I know that they're running subversion, and its webserver.
Googling around, before I created a local policy, I found this: https://bugzilla.redhat.com/show_bug.cgi?id=539519
We're running the current (as in, I yum updated and rebooted) CentOS 6.3. Could this have slipped back in, somehow?
mark
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 10/17/2012 11:48 AM, m.roth@5-cent.us wrote:
Did you check the label on /var/run/pcscd.pid? What is the actual avc you are seeing?
Daniel J Walsh wrote:
On 10/17/2012 11:48 AM, m.roth@5-cent.us wrote:
Did you check the label on /var/run/pcscd.pid? What is the actual avc you are seeing?
-rw-r--r--. root root system_u:object_r:pcscd_var_run_t:s0 /var/run/pcscd.pid
And the sealert shows just the catchall.
SELinux is preventing /usr/sbin/httpd from read access on the file /var/run/pcscd.pid.
***** Plugin catchall (100. confidence)
mark
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 10/17/2012 01:22 PM, m.roth@5-cent.us wrote:
Daniel J Walsh wrote:
On 10/17/2012 11:48 AM, m.roth@5-cent.us wrote:
Did you check the label on /var/run/pcscd.pid? What is the actual avc you are seeing?
-rw-r--r--. root root system_u:object_r:pcscd_var_run_t:s0 /var/run/pcscd.pid
And the sealert shows just the catchall.
SELinux is preventing /usr/sbin/httpd from read access on the file /var/run/pcscd.pid.
***** Plugin catchall (100. confidence)
mark
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Can you execute
ausearch -m avc
And get the AVC's that way.
selinux@lists.fedoraproject.org