AVCs from restarting httpd but only when in permissive mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I had to reboot earlier this week because X crashed in a way that took
out my keyboard, requiring a reboot to get the keyboard to work again.
And when I temporarily set to permissive some time ago to do some
testing, then set back to enforcing, somehow my "default" mode got left
in permissive.  That's now fixed and I'm back in enforcing mode.
Anyway, after the reboot I came up in permissive mode, which is how I
discovered this.

If I restart httpd while in permissive mode, I get two AVCs.  If I
restart httpd while in enforcing mode, I get none.  Is this normal or
expected?  Since I only get these AVCs while in permissive mode, there's
no error in httpd logs to look for.  (And when I look anyway, all I see
is normal "starting up" sorts of messages.)

type=AVC msg=audit(1208684921.858:22475): avc:  denied  { read write }
for  pid=2956 comm="httpd" name="context" dev=selinuxfs ino=5
scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=file
type=SYSCALL msg=audit(1208684921.858:22475): arch=40000003 syscall=5
success=yes exit=14 a0=bfc89488 a1=8002 a2=0 a3=8002 items=0 ppid=1
pid=2956 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) comm="httpd" exe="/usr/sbin/httpd"
subj=system_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1208684921.858:22476): avc:  denied
{ check_context } for  pid=2956 comm="httpd"
scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1208684921.858:22476): arch=40000003 syscall=4
success=yes exit=33 a0=e a1=b931e310 a2=21 a3=b931e310 items=0 ppid=1
pid=2956 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) comm="httpd" exe="/usr/sbin/httpd"
subj=system_u:system_r:httpd_t:s0 key=(null)

	Eddie

-- 
  Eddie Kuns  |  Home: ekuns@xxxxxxxxxxxxxxxx
--------------/  URL:  http://kilroy.chi.il.us/
  "Ah, savory cheese puffs, made inedible by time and fate." -- The Tick

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux