On 06/24/2010 04:17 PM, m.roth(a)5-cent.us wrote:
I'm tired of this. I think it's time for me to file a bug
report.
I have the current version of CA's Siteminder installed. I have the
current version of CentOS (5.5). I'm still getting selinux complaining
that siteminder can't write to its own logfiles.
ll -Z /var/log/httpd/smagent.log
-rw-r--r-- apache root system_u:object_r:httpd_log_t
/var/log/httpd/smagent.log
ll -Z /usr/local/opt/smwa-6qmr5-cr035-rhel30-x86-64/webagent/bin/LLAWP
-rwxrwxr-x root root system_u:object_r:bin_t
/usr/local/opt/smwa-6qmr5-cr035-rhel30-x86-64/webagent/bin/LLAWP*
I run sealert, and it tells me that I can allow this behavior by setting
httpd_unified on. It says that httpd_unified is off.
It's on. It's been on. Therefore, selinux's error handling has a bug, and
is falling through to an incorrect diagnosis.
So, can someone give me the link to selinux's bugzilla?
mark
--
selinux mailing list
selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux please attach the avc
message