About audit2allow generated rules




Hi,

I have something in /var/log/audit/audit.log like:

avc:  denied  { write } for  pid=23739 comm="httpd" name="renderd.sock"
  dev=dm-0 ino=1183752 scontext=unconfined_u:system_r:httpd_t:s0
  tcontext=unconfined_u:object_r:var_run_t:s0 tclass=sock_file


Using audit2allow, it generates something like this:

allow httpd_t var_run_t:sock_file write;


Is the rule too liberal? That means httpd_t can write any var_run_t's sock_file?
Or do I misunderstand something?

Should it only allow httpd_t to write this specific render.sock file?
If so, what's the right way to do it?




Thanks.

min
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
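
How the rule quoted above falls out of the denial, as an added example (not part of the original post and not audit2allow's own code): only the source type, target type, class and permission reach the rule, while name= and ino= are dropped, so the rule covers every sock_file labelled var_run_t. The type name renderd_sock_t is hypothetical and stands for a dedicated label the socket would have to carry for a narrower rule.

```python
import re

# AVC denial from the post above, joined onto one line.
AVC = ('avc:  denied  { write } for  pid=23739 comm="httpd" name="renderd.sock" '
       'dev=dm-0 ino=1183752 scontext=unconfined_u:system_r:httpd_t:s0 '
       'tcontext=unconfined_u:object_r:var_run_t:s0 tclass=sock_file')

def parse_avc(line):
    """Split an AVC denial into its permission list and key=value fields."""
    m = re.search(r'avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)', line)
    if m is None:
        raise ValueError('not an AVC denial')
    pairs = re.findall(r'(\w+)=("[^"]*"|\S+)', m.group(2))
    fields = {key: value.strip('"') for key, value in pairs}
    fields['perms'] = m.group(1).split()
    return fields

def context_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    parts = context.split(':')
    if len(parts) < 3:
        raise ValueError('malformed context: %r' % context)
    return parts[2]

def allow_rule(avc, target_type=None):
    """Build the allow rule; target_type replaces the denied object's type."""
    src = context_type(avc['scontext'])
    tgt = target_type or context_type(avc['tcontext'])
    perms = avc['perms']
    perm_str = perms[0] if len(perms) == 1 else '{ %s }' % ' '.join(perms)
    return 'allow %s %s:%s %s;' % (src, tgt, avc['tclass'], perm_str)

def ignored_fields(avc):
    """Fields of the denial that have no place in a type-enforcement rule."""
    used = {'scontext', 'tcontext', 'tclass', 'perms'}
    return sorted(key for key in avc if key not in used)

if __name__ == '__main__':
    avc = parse_avc(AVC)
    print('rule as generated:', allow_rule(avc))
    print('not part of rule: ', ', '.join(ignored_fields(avc)))
    # Hypothetical dedicated type: same rule shape, narrower set of objects.
    print('rule on own type: ', allow_rule(avc, 'renderd_sock_t'))
```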

