-------- Original Message --------
From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
>On 10/19/2012 10:48 AM, m.roth@xxxxxxxxx wrote:
> From: Daniel J Walsh <dwalsh@xxxxxxxxxx> On 10/17/2012 01:22 PM,
> m.roth@xxxxxxxxx wrote:
>> Daniel J Walsh wrote:
>>> On 10/17/2012 11:48 AM, m.roth@xxxxxxxxx wrote:
>>>
>>> Did you check the label on /var/run/pcscd.pid? What is the actual
>>> avc you are seeing?
>> -rw-r--r--. root root system_u:object_r:pcscd_var_run_t:s0
>> /var/run/pcscd.pid
>>
>> And the sealert shows just the catchall.
>>
>> SELinux is preventing /usr/sbin/httpd from read access on the file
>> /var/run/pcscd.pid.
>>
>> ***** Plugin catchall (100. confidence)
>> Can you execute
>> ausearch -m avc
I think this is a sample of what you were asking for:
time->Fri Oct 19 00:45:01 2012
type=SYSCALL msg=audit(1350621901.305:71913): arch=c000003e syscall=2
success=ye
s exit=18 a0=7f0ebf4a6e22 a1=0 a2=1b6 a3=0 items=0 ppid=6184 pid=6247
auid=42949
67295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48
tty=(none)
ses=4294967295 comm="httpd" exe="/usr/sbin/httpd"
subj=system_u:system_r:httpd_
t:s0 key=(null)
type=AVC msg=audit(1350621901.305:71913): avc: denied { open } for
pid=6247 c
omm="httpd" name="pcscd.pid" dev=sda3 ino=81412261
scontext=system_u:system_r:ht
tpd_t:s0 tcontext=system_u:object_r:pcscd_var_run_t:s0 tclass=file
type=AVC msg=audit(1350621901.305:71913): avc: denied { read } for
pid=6247 c
omm="httpd" name="pcscd.pid" dev=sda3 ino=81412261
scontext=system_u:system_r:ht
tpd_t:s0 tcontext=system_u:object_r:pcscd_var_run_t:s0 tclass=file
mark
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
