I do not know if this a SELinux problem or httpd problem.
Upgraded to the latest SELinux and now httpd fails with the following message
Dec 6 20:13:03 webmail kernel: audit(1102392783.654:0): avc: denied { unlink } for pid=2005 exe=/usr/sbin/httpd name=ssl_mutex.2005 dev=dm-0 ino=228205 scontext=root:system_r:httpd_t tcontext=root:object_r:httpd_log_t tclass=file Dec 6 20:13:04 webmail httpd: httpd startup succeeded Dec 6 20:13:04 webmail kernel: audit(1102392784.995:0): avc: denied { unlink } for pid=2006 exe=/usr/sbin/httpd name=ssl_mutex.2005 dev=dm-0 ino=228205 scontext=root:system_r:httpd_t tcontext=root:object_r:httpd_log_t tclass=file
The httpd error log shows [Mon Dec 06 20:13:04 2004] [error] (17)File exists: Cannot create SSLMutex with file `/etc/httpd/logs/ssl_mutex.2005' Configuration Failed
ls -Z of the directory shows the ssl_mutex... is being created incorrectly? -rw-r--r-- root root system_u:object_r:httpd_log_t ssl_error_log.2 -rw-r--r-- root root root:object_r:httpd_log_t ssl_mutex.2005 -rw-r--r-- root root system_u:object_r:httpd_log_t ssl_request_log
I am confused on where to fix this.
Arthur Stephens Sales Technician Ptera Wireless Internet astephens@ptera.net 509-927-Ptera
On Mon, Dec 06, 2004 at 05:40:07PM -0800, Arthur Stephens wrote:
I do not know if this a SELinux problem or httpd problem.
Upgraded to the latest SELinux and now httpd fails with the following message
Dec 6 20:13:03 webmail kernel: audit(1102392783.654:0): avc: denied { unlink } for pid=2005 exe=/usr/sbin/httpd name=ssl_mutex.2005 dev=dm-0 ino=228205 scontext=root:system_r:httpd_t tcontext=root:object_r:httpd_log_t tclass=file Dec 6 20:13:04 webmail httpd: httpd startup succeeded Dec 6 20:13:04 webmail kernel: audit(1102392784.995:0): avc: denied { unlink } for pid=2006 exe=/usr/sbin/httpd name=ssl_mutex.2005 dev=dm-0 ino=228205 scontext=root:system_r:httpd_t tcontext=root:object_r:httpd_log_t tclass=file
The httpd error log shows [Mon Dec 06 20:13:04 2004] [error] (17)File exists: Cannot create SSLMutex with file `/etc/httpd/logs/ssl_mutex.2005' Configuration Failed
To confirm, you are using the stock Fedora httpd and apr packages? Per my previous mail, this really should only happen if you have configured SSLMutex to something other than default setting of "default" in the Fedora /etc/httpd/conf.d/ssl.conf. Can you double-check that?
Regards,
joe
selinux@lists.fedoraproject.org