awstats AVC denial
Vadym Chepkov
chepkov at yahoo.com
Sat Feb 7 14:21:13 UTC 2009
Hi,
I can't figure out why do I get denies in my Redhat installation.
This is what I have:
selinux-policy-targeted-2.4.6-203.el5
httpd_enable_cgi --> on
httpd_unified --> off
system_u:object_r:httpd_sys_content_t:s0 /var/www/awstats
system_u:object_r:httpd_sys_script_exec_t:s0 /var/www/awstats/awstats.pl
system_u:object_r:httpd_sys_content_t:s0 /var/www/awstats/awstats022009.txt
And this is what I get:
type=AVC msg=audit(1234014919.167:40376): avc: denied { read } for pid=32656 comm="awstats.pl" name="awstats" dev=sda1 ino=704533 scontext=user_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir
type=AVC msg=audit(1234014919.167:40377): avc: denied { getattr } for pid=32656 comm="awstats.pl" path="/var/www/awstats/awstats022009.txt" dev=sda1 ino=706623 scontext=user_u:system_r:httpd_sys_script_t:s0 tcontext=user_u:object_r:httpd_sys_content_t:s0 tclass=file
The question is, why? Thank you.
Sincerely yours,
Vadym Chepkov
More information about the fedora-selinux-list
mailing list