Re: selinux allow apache log access

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 


On 06/17/2015 04:03 PM, Jonathan Billings wrote:
> On Wed, Jun 17, 2015 at 03:30:51PM -0400, Tim Dunphy wrote:
>> No prob! Thanks for all the help! But in searching my system I don't find
>> anything of the sort.
>>
>> [root@monitor2:~] #updatedb
>> [root@monitor2:~] #locate myzabbix.te
>> [root@monitor2:~] #find / -name "myzabbix.*"
>>
>> I also did search using 'yum provides' to find something similar. But
>> wasn't' able to find anything.
> What we're asking for is the contents of the .te file that is created
> when you run audit2allow.
>
Go back to the original email and do what you were told

# grep zabbix /var/log/audit/audit.log  | audit2allow -M myzabbix
# semodule -i myzabbix.pp

You did audit2allow -M zabbix

Which created zabbix.te and zabbix.pp, which is bad.  It will attempt to
replace the system module.

If you use myzappix, it will add the allow rules.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux