Selinux is denying webalizer

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Selinux is denying webalizer one logfile.

I want webalizer to make a report of vsftps.log, but senlinux is denying
webalizer access to the file, what to do?

Webilizer is run as a cronjob as root.

A snip from auth.log

 type=PATH msg=audit(1127509217.604:11185427): item=0 name="webalizer.conf"
flags=401  inode=32641 dev=fd:00 mode=042777 ouid=0 ogid=0 rdev=00:00
type=CRED_DISP msg=audit(1127509222.415:11193091): user pid=29417 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_END msg=audit(1127509222.416:11193110): user pid=29417 uid=0
auid=0 msg='PAM session close: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=AVC msg=audit(1127509223.373:11195697): avc:  denied  { search } for
pid=29635 comm="webalizer" name="root" dev=dm-0 ino=32641
scontext=root:system_r:webalizer_t tcontext=root:object_r:user_home_dir_t
tclass=dir
type=SYSCALL msg=audit(1127509223.373:11195697): arch=40000003 syscall=33
success=no exit=-13 a0=8060468 a1=0 a2=4a3ff4 a3=80617f0 items=1 pid=29635
auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="webalizer" exe="/usr/bin/webalizer"
type=CWD msg=audit(1127509223.373:11195697):  cwd="/root"
type=PATH msg=audit(1127509223.373:11195697): item=0 name="webalizer.conf"
flags=401  inode=32641 dev=fd:00 mode=042777 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1127509223.410:11195998): avc:  denied  { search } for
pid=29637 comm="webalizer" name="root" dev=dm-0 ino=32641
scontext=root:system_r:webalizer_t tcontext=root:object_r:user_home_dir_t
tclass=dir
type=SYSCALL msg=audit(1127509223.410:11195998): arch=40000003 syscall=33
success=no exit=-13 a0=8060468 a1=0 a2=2fcff4 a3=80617f0 items=1 pid=29637
auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="webalizer" exe="/usr/bin/webalizer"
type=CWD msg=audit(1127509223.410:11195998):  cwd="/root"
type=PATH msg=audit(1127509223.410:11195998): item=0 name="webalizer.conf"
flags=401  inode=32641 dev=fd:00 mode=042777 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1127509223.413:11196024): avc:  denied  { read } for
pid=29637 comm="webalizer" name="vsftpd.log" dev=dm-0 ino=1143800
scontext=root:system_r:webalizer_t tcontext=system_u:object_r:xferlog_t
tclass=file
type=SYSCALL msg=audit(1127509223.413:11196024): arch=40000003 syscall=5
success=no exit=-13 a0=8f6ff78 a1=8000 a2=1b6 a3=8f6f060 items=1 pid=29637
auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="webalizer" exe="/usr/bin/webalizer"
type=CWD msg=audit(1127509223.413:11196024):  cwd="/root"
type=PATH msg=audit(1127509223.413:11196024): item=0
name="/var/log/vsftpd.log" flags=101  inode=1143800 dev=fd:00 mode=0100600
ouid=0 ogid=0 rdev=00:00
type=CRED_DISP msg=audit(1127509224.298:11197719): user pid=29420 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_END msg=audit(1127509224.299:11197742): user pid=29420 uid=0
auid=0 msg='PAM session close: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_ACCT msg=audit(1127509261.312:11221084): user pid=29715 uid=0
auid=4294967295 msg='PAM accounting: user=root exe="/usr/sbin/crond"
(hostname=?, addr=?, terminal=cron result=Success)'
type=LOGIN msg=audit(1127509261.314:11221153): login pid=29715 uid=0 old
auid=4294967295 new auid=0
type=USER_START msg=audit(1127509261.314:11221159): user pid=29715 uid=0
auid=0 msg='PAM session open: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=CRED_ACQ msg=audit(1127509261.314:11221168): user pid=29715 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=CRED_DISP msg=audit(1127509261.328:11221481): user pid=29715 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_END msg=audit(1127509261.329:11221500): user pid=29715 uid=0
auid=0 msg='PAM session close: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'


With best regards

Tomas Larsson
Sweden

Verus Amicus Est Tamquam Alter Idem


--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux