On 08/14/2010 11:35 AM, Arthur Dent wrote: >> There are some issues: >> >> 1. I would go here: >> https://lists.sourceforge.net/lists/listinfo/mod-security-users and ask >> if it is normal that mlogc writes to certificate databases. Its trying >> to write to files like: cert9.db, key4.db. > > I am already subscribed to that list so I'll post a message now... >> >> 2. You have a partition mounted that is not labelled properly. It is: >> /dev/sda6. Where is that mounted? > > Hmmm... That's / Ok it looks like it might want to dump core then: Add the following to your mymlogc.te to allow mlogc_t to dump core (manage files in /) files_manage_root_files(mlogc_t) >> >> 3. Looks like mlogc wants to maintain objects in /tmp. However your logs >> do not display what kind of objects ( e.g. it is incomplete ) > > Sorry I don't understand what you mean... > >> >> You may have removed log entries that were no duplicates. > > OK here are all 12... Ok it is still not displaying, That is because it is denied access. So i will for now assume it wants to maintain a file in /tmp: Add the following to your mymlogc.te file for now: type mlogc_tmp_t; files_tmp_file(mlogc_tmp_t) manage_files_pattern(mlogc_t, mlogc_tmp_t, mlogc_tmp_t) files_tmp_filetrans(mlogc_t, mlogc_tmp_t, file) > > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux
Attachment:
signature.asc
Description: OpenPGP digital signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
