Hi,
I have updated my Centos 6 installation a couple of days ago to include the most recent
packages.
Since that moment my awstats cron job is not working anymore. This cron job reads apache
log files and generates statistics for this.
Here is a sample of the avc I get:
----
time->Sat May 25 10:01:07 2013
type=PATH msg=audit(1369468867.049:94733): item=1 name=(null) inode=5832775
dev=ca:00 mode=040755 ouid=0 ogid=0 rdev=00:00
obj=system_u:object_r:httpd_sys_content_t:s0
type=PATH msg=audit(1369468867.049:94733): item=0
name="/var/www/hosting/iyoga.be/log/access_log"
type=CWD msg=audit(1369468867.049:94733): cwd="/"
type=SYSCALL msg=audit(1369468867.049:94733): arch=c000003e syscall=2 success=no
exit=-13 a0=2cc6490 a1=0 a2=1b6 a3=37b751dd40 items=2 ppid=7229 pid=7230 auid=0
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2826
comm="awstats.pl" exe="/usr/bin/perl"
subj=system_u:system_r:awstats_t:s0-s0:c0.c1023
key=(null)
type=AVC msg=audit(1369468867.049:94733): avc: denied { search } for pid=7230
comm="awstats.pl" name="www" dev=xvda ino=5832775
scontext=system_u:system_r:awstats_t:s0-s0:c0.c1023
tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir
----
In /var/log/messages the corresponding message is:
May 25 10:01:12 abmpub6 setroubleshoot: SELinux is preventing /usr/bin/perl from search
access on the directory /var/www/hosting/iyoga.be/log/access_log. For complete SELinux
messages.
run sealert -l cb05aa4b-3270-49e5-be6f-37c8a6cadc56
The first oddity to note is that /var/www/hosting/iyoga.be/log/access_log is not a
directory,
but a file.
Next I'm confused with the labels. The file is labeled
system_u:object_r:httpd_log_t:s0, but the
avc seems to complain about system_u:object_r:httpd_sys_content_t:s0
Currently installed packages:
selinux-policy-targeted-3.7.19-195.el6_4.5.noarch
awstats-7.0-3.el6.noarch
I have no idea what happens here, let alone how to fix it. Can anyone shed some more light
on this ?
Thank you,
Geert