[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

How to modify the policy?



Hi,

I have a fc3 linux (kernel 2.6.10-1.770_FC3) with selinux enforced,
targeted policy 1.17.30-2.96.  I try to use squirrelmail's plugin
change_passwd, but got denied.  The system log shows:

Apr 14 09:42:59 pippo kernel: audit(1113489779.011:0): avc:  denied  {
search } for  pid=13211 exe=/bin/bash name=src dev=hda6 ino=425174
scontext=root:system_r:httpd_sys_script_t tcontext=system_u:object_r:src_t
tclass=dir
Apr 14 09:42:59 pippo kernel: audit(1113489779.012:0): avc:  denied  {
setuid } for  pid=13211 exe=/usr/bin/chpasswd capability=7
scontext=root:system_r:httpd_sys_script_t
tcontext=root:system_r:httpd_sys_script_t tclass=capability

I can use that plugin's command in ssh console, but just not from the web.
 Should I change the targeted policy to make it working?  If yes, how to
modify the policy?

Thanks a lot!

Hongwei Li


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]