Selinux is denying webalizer
Tomas Larsson
ktl at bornet.net
Fri Sep 23 21:11:16 UTC 2005
Selinux is denying webalizer one logfile.
I want webalizer to make a report of vsftps.log, but senlinux is denying
webalizer access to the file, what to do?
Webilizer is run as a cronjob as root.
A snip from auth.log
type=PATH msg=audit(1127509217.604:11185427): item=0 name="webalizer.conf"
flags=401 inode=32641 dev=fd:00 mode=042777 ouid=0 ogid=0 rdev=00:00
type=CRED_DISP msg=audit(1127509222.415:11193091): user pid=29417 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_END msg=audit(1127509222.416:11193110): user pid=29417 uid=0
auid=0 msg='PAM session close: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=AVC msg=audit(1127509223.373:11195697): avc: denied { search } for
pid=29635 comm="webalizer" name="root" dev=dm-0 ino=32641
scontext=root:system_r:webalizer_t tcontext=root:object_r:user_home_dir_t
tclass=dir
type=SYSCALL msg=audit(1127509223.373:11195697): arch=40000003 syscall=33
success=no exit=-13 a0=8060468 a1=0 a2=4a3ff4 a3=80617f0 items=1 pid=29635
auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="webalizer" exe="/usr/bin/webalizer"
type=CWD msg=audit(1127509223.373:11195697): cwd="/root"
type=PATH msg=audit(1127509223.373:11195697): item=0 name="webalizer.conf"
flags=401 inode=32641 dev=fd:00 mode=042777 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1127509223.410:11195998): avc: denied { search } for
pid=29637 comm="webalizer" name="root" dev=dm-0 ino=32641
scontext=root:system_r:webalizer_t tcontext=root:object_r:user_home_dir_t
tclass=dir
type=SYSCALL msg=audit(1127509223.410:11195998): arch=40000003 syscall=33
success=no exit=-13 a0=8060468 a1=0 a2=2fcff4 a3=80617f0 items=1 pid=29637
auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="webalizer" exe="/usr/bin/webalizer"
type=CWD msg=audit(1127509223.410:11195998): cwd="/root"
type=PATH msg=audit(1127509223.410:11195998): item=0 name="webalizer.conf"
flags=401 inode=32641 dev=fd:00 mode=042777 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1127509223.413:11196024): avc: denied { read } for
pid=29637 comm="webalizer" name="vsftpd.log" dev=dm-0 ino=1143800
scontext=root:system_r:webalizer_t tcontext=system_u:object_r:xferlog_t
tclass=file
type=SYSCALL msg=audit(1127509223.413:11196024): arch=40000003 syscall=5
success=no exit=-13 a0=8f6ff78 a1=8000 a2=1b6 a3=8f6f060 items=1 pid=29637
auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="webalizer" exe="/usr/bin/webalizer"
type=CWD msg=audit(1127509223.413:11196024): cwd="/root"
type=PATH msg=audit(1127509223.413:11196024): item=0
name="/var/log/vsftpd.log" flags=101 inode=1143800 dev=fd:00 mode=0100600
ouid=0 ogid=0 rdev=00:00
type=CRED_DISP msg=audit(1127509224.298:11197719): user pid=29420 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_END msg=audit(1127509224.299:11197742): user pid=29420 uid=0
auid=0 msg='PAM session close: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_ACCT msg=audit(1127509261.312:11221084): user pid=29715 uid=0
auid=4294967295 msg='PAM accounting: user=root exe="/usr/sbin/crond"
(hostname=?, addr=?, terminal=cron result=Success)'
type=LOGIN msg=audit(1127509261.314:11221153): login pid=29715 uid=0 old
auid=4294967295 new auid=0
type=USER_START msg=audit(1127509261.314:11221159): user pid=29715 uid=0
auid=0 msg='PAM session open: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=CRED_ACQ msg=audit(1127509261.314:11221168): user pid=29715 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=CRED_DISP msg=audit(1127509261.328:11221481): user pid=29715 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_END msg=audit(1127509261.329:11221500): user pid=29715 uid=0
auid=0 msg='PAM session close: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
With best regards
Tomas Larsson
Sweden
Verus Amicus Est Tamquam Alter Idem
More information about the fedora-selinux-list
mailing list