Here's the targeted policy. It has some of the httpd errors
from the strict policy test.
Kernel: 2.6.7-1.448
Selinux-targeted: 1.13.8-1
I relabeled prior to running this test.
I'm sorry if any of this are duplicates or have been fixed.
==================================================================
audit2allow:
allow httpd_t bin_t:dir { getattr };
allow httpd_t httpd_log_t:file { write };
allow httpd_t sbin_t:dir { getattr };
===================================================================
HTTPD
1)
name = /sbin or /usr/sbin
tclass = dir
denied { getattr } exe = /usr/sbin/httpd
scontext = system_u:system_r:httpd_t
tcontext = system_u:object_r:sbin_t
2) name = /bin or /usr/bin or /usr/X11R6/bin
tclass = dir
denied { getattr } exe = /usr/sbin/httpd
scontext = system_u:system_r:httpd_t
tcontext = system_u:object_r:bin_t
3) name = jk2.shm
tclass = file
denied { write } exe = /usr/sbin/httpd
scontext = system_u:system_r:httpd_t
tcontext = system_u:object_r:httpd_log_t
Attachment:
signature.asc
Description: This is a digitally signed message part
