[Bug 1887111] SELinux is preventing graph.cgi from read access on the directory cpu.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

https://bugzilla.redhat.com/show_bug.cgi?id=1887111



--- Comment #2 from W Agtail <crash70@xxxxxxxxx> ---
SELinux is preventing graph.cgi from read access on the directory cpu.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that graph.cgi should be allowed read access on the cpu
directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'graph.cgi' --raw | audit2allow -M my-graphcgi
# semodule -X 300 -i my-graphcgi.pp


Additional Information:
Source Context                system_u:system_r:dspam_script_t:s0
Target Context                system_u:object_r:sysfs_t:s0
Target Objects                cpu [ dir ]
Source                        graph.cgi
Source Path                   graph.cgi
Port                          <Unknown>
Host                          kvm7.home.local
Source RPM Packages           
Target RPM Packages           
SELinux Policy RPM            selinux-policy-targeted-3.14.5-43.fc32.noarch
Local Policy RPM              
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Host Name                     kvm7.home.local
Platform                      Linux kvm7.home.local 5.8.11-200.fc32.x86_64 #1
                              SMP Wed Sep 23 13:51:28 UTC 2020 x86_64 x86_64
Alert Count                   57
First Seen                    2020-10-06 22:03:10 BST
Last Seen                     2020-10-10 23:29:25 BST
Local ID                      d7c006a1-31d8-41da-9e86-20b7ba61975c

Raw Audit Messages
type=AVC msg=audit(1602368965.274:78914): avc:  denied  { read } for 
pid=2979679 comm="graph.cgi" name="cpu" dev="sysfs" ino=33
scontext=system_u:system_r:dspam_script_t:s0
tcontext=system_u:object_r:sysfs_t:s0 tclass=dir permissive=1


Hash: graph.cgi,dspam_script_t,sysfs_t,dir,read


-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
perl-devel mailing list -- perl-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to perl-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Legacy Announce]     [Fedora PHP Devel]     [Kernel Devel]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite Information]

  Powered by Linux