[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Can somebody help me?



On Wednesday 06 April 2005 06:13, "Hongwei Li" <hongwei wustl edu> wrote:
> I just found that my fc3 system log shows many, many entries like below:
>
> Apr  5 14:50:42 morpheus kernel: audit(1112730642.889:0): avc:  denied  {
> ioctl } for  pid=32509 exe=/usr/bin/perl path=/proc/loadavg dev=proc
> ino=-268435456 scontext=user_u:system_r:httpd_sys_script_t
> tcontext=system_u:object_r:proc_t tclass=file

To get an ioctl message there must already be read or write access granted.  
In that case adding ioctl as well won't do any harm, so just add the 
following to your policy source and load the new policy:

allow httpd_sys_script_t:proc_t:file ioctl;

We'll need to add that for FC4.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]