I have selinux-targeted-policy-sources installed.
I am trying to make entries that fix these two errors
in //etc/selinux/targeted/src/policy/domains/local.te
#1
Nov 14 10:43:14 srv1 dbus: Can't send to audit system: USER_AVC pid=3024
uid=81 loginuid=-1 message=avc: denied { send_msg } for
scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t
tclass=dbus
#2
Nov 14 10:43:14 srv1 kernel: audit(1131990194.347:11): avc: denied
{ connectto } for pid=2941 comm="httpd" name="mysql.sock"
scontext=user_u:system_r:httpd_t tcontext=user_u:system_r:initrc_t
tclass=unix_stream_socket
Can anyone tell me what might work here? This doesn't work...
# cat /etc/selinux/targeted/src/policy/domains/local.te
## http to mysql
allow httpd_t var_t:sock_file write;
allow httpd_t unconfined_t:unix_stream_socket connectto;
I need selinux for dummies - any thoughts where I can find such info if
not here?
Thanks
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
