Targeted policy test, 1.13.8-1, denies: httpd
Ivan Gyurdiev
ivg2 at cornell.edu
Fri Jun 25 05:14:19 UTC 2004
Here's the targeted policy. It has some of the httpd errors
from the strict policy test.
Kernel: 2.6.7-1.448
Selinux-targeted: 1.13.8-1
I relabeled prior to running this test.
I'm sorry if any of this are duplicates or have been fixed.
==================================================================
audit2allow:
allow httpd_t bin_t:dir { getattr };
allow httpd_t httpd_log_t:file { write };
allow httpd_t sbin_t:dir { getattr };
===================================================================
HTTPD
1)
name = /sbin or /usr/sbin
tclass = dir
denied { getattr } exe = /usr/sbin/httpd
scontext = system_u:system_r:httpd_t
tcontext = system_u:object_r:sbin_t
2) name = /bin or /usr/bin or /usr/X11R6/bin
tclass = dir
denied { getattr } exe = /usr/sbin/httpd
scontext = system_u:system_r:httpd_t
tcontext = system_u:object_r:bin_t
3) name = jk2.shm
tclass = file
denied { write } exe = /usr/sbin/httpd
scontext = system_u:system_r:httpd_t
tcontext = system_u:object_r:httpd_log_t
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20040624/b868a962/attachment.sig>
More information about the fedora-selinux-list
mailing list