httpd log rotation problem?
Joe Orton
jorton at redhat.com
Wed Feb 16 14:24:25 UTC 2005
On Mon, Feb 07, 2005 at 09:54:04AM +0200, Fred New wrote:
> I am getting the following message once a week on a standard FC3 system.
> Is this one of those denials that shouldn't be audited?:
>
> Feb 6 04:02:26 nimeta01 kernel: audit(1107655346.258:0): avc: denied
> { ioctl } for pid=3587 exe=/usr/sbin/httpd
> path=/var/log/httpd/error_log.1 dev=hda3 ino=1174805
> scontext=user_u:system_r:httpd_t tcontext=root:object_r:httpd_runtime_t
> tclass=file
I've also seen this a few times on my FC3 test box too now, it triggers
on logrotate runs when the server is restarted.
Do you have mod_perl installed? I believe it's Perl which does random
ioctl calls on fd's 0-3, I don't know why, but it should probably marked
as "dontaudit".
joe
More information about the fedora-selinux-list
mailing list