Re: socket files and ruby/passenger

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/16/2010 11:48 AM, m.roth@xxxxxxxxx wrote:
> I'm not sure where to start on this one.... I've got a user running ruby,
> and a gem called passenger. It creates a socket file in a configured
> directory (now /var/tmp/passenger/<blah>/backend/. Selinux is complaining
> (it's permissive) that it's a potentially mislabelled file. From the
> sealert o/p:
> <...>
> Source Context                root:system_r:httpd_t
> Target Context                root:object_r:httpd_tmp_t
> <...>
> The directory context is:
> d-ws-wx-wx  root root root:object_r:httpd_tmp_t        ./
> d-ws--x--x  root root root:object_r:httpd_tmp_t        ../
> srw-------  root root root:object_r:httpd_tmp_t       
> backend.ib4gxn1IpkOSkiCP0TviW6AoGO2CXhq0W9SzzVsUVMC0U2Yc9zOvVDr=
> 
> So, what should it be, to make the AVC go away, and how would I know what
> it should be?
> 
>        mark
> 
> --
> selinux mailing list
> selinux@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/selinux
> 
> 
First we would need to see the avc in order to help you.  Secondly why
not use /var/run/passenger instead of /var/tmp


rpm -q selinux-policy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkziuLYACgkQrlYvE4MpobOpzwCeIaf5ABU345T/icyqRbEOupMm
yyUAniKIkzkI/QfFejMs4ou0DwqDrNlb
=axKj
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux