-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/16/2010 11:48 AM, m.roth@xxxxxxxxx wrote: > I'm not sure where to start on this one.... I've got a user running ruby, > and a gem called passenger. It creates a socket file in a configured > directory (now /var/tmp/passenger/<blah>/backend/. Selinux is complaining > (it's permissive) that it's a potentially mislabelled file. From the > sealert o/p: > <...> > Source Context root:system_r:httpd_t > Target Context root:object_r:httpd_tmp_t > <...> > The directory context is: > d-ws-wx-wx root root root:object_r:httpd_tmp_t ./ > d-ws--x--x root root root:object_r:httpd_tmp_t ../ > srw------- root root root:object_r:httpd_tmp_t > backend.ib4gxn1IpkOSkiCP0TviW6AoGO2CXhq0W9SzzVsUVMC0U2Yc9zOvVDr= > > So, what should it be, to make the AVC go away, and how would I know what > it should be? > > mark > > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux > > First we would need to see the avc in order to help you. Secondly why not use /var/run/passenger instead of /var/tmp rpm -q selinux-policy -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkziuLYACgkQrlYvE4MpobOpzwCeIaf5ABU345T/icyqRbEOupMm yyUAniKIkzkI/QfFejMs4ou0DwqDrNlb =axKj -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
