On 27 March 2013 13:09, ignasr@xxxxxxxxxx <ignasr@xxxxxxxxxx> wrote: > Hello, > > how do people cope with constant SELinux errors like this from Fusion > Passenger: > > 36886. 03/27/2013 14:20:05 ps unconfined_u:system_r:passenger_t:s0 2 > file open system_u:system_r:udev_t:s0-s0:c0.c1023 denied 1922 > 36887. 03/27/2013 14:20:05 ps unconfined_u:system_r:passenger_t:s0 4 dir > getattr unconfined_u:system_r:initrc_t:s0 denied 1927 > 36888. 03/27/2013 14:20:05 ps unconfined_u:system_r:passenger_t:s0 2 dir > search unconfined_u:system_r:initrc_t:s0 denied 1928 > > It happens when Passenger v3 tries to determine memory stats with "ps". > There is an Apache directive to turn it of ( > > http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerMemoryLimit > ), unfortunately it does not work in community version of Passenger. > > The cause is always ps running as passenger_t trying to read files in > /proc with various types of security context. > > Thank you, > IgnasR > _______________________________________________ > CentOS mailing list > CentOS@xxxxxxxxxx > http://lists.centos.org/mailman/listinfo/centos > Hello IgnasR I think that you've posted to the wrong list. The app server support list is here https://groups.google.com/forum/?fromgroups#!forum/phusion-passenger Dan Walsh is a great place to start with SELinux http://people.redhat.com/dwalsh/ SElinux by example takes a great theory and hands on approach http://www.amazon.com/SELinux-Example-Using-Security-Enhanced/dp/0131963694 All the best Paul -- * "I know one thing: That I know nothing"* - Socrates *"We're all explorers here"* - T S Eliot _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos