Hi,

I have updated my Centos 6 installation a couple of days ago to include the most recent packages.

Since that moment my awstats cron job is not working anymore. This cron job reads apache log files and generates statistics for this.

Here is a sample of the avc I get:

----

time->Sat May 25 10:01:07 2013

type=PATH msg=audit(1369468867.049:94733): item=1 name=(null) inode=5832775 dev=ca:00 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:httpd_sys_content_t:s0

type=PATH msg=audit(1369468867.049:94733): item=0 name="/var/www/hosting/iyoga.be/log/access_log"

type=CWD msg=audit(1369468867.049:94733): cwd="/"

type=SYSCALL msg=audit(1369468867.049:94733): arch=c000003e syscall=2 success=no exit=-13 a0=2cc6490 a1=0 a2=1b6 a3=37b751dd40 items=2 ppid=7229 pid=7230 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2826 comm="awstats.pl" exe="/usr/bin/perl" subj=system_u:system_r:awstats_t:s0-s0:c0.c1023 key=(null)

type=AVC msg=audit(1369468867.049:94733): avc: denied { search } for pid=7230 comm="awstats.pl" name="www" dev=xvda ino=5832775 scontext=system_u:system_r:awstats_t:s0-s0:c0.c1023 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir

----

In /var/log/messages the corresponding message is:

May 25 10:01:12 abmpub6 setroubleshoot: SELinux is preventing /usr/bin/perl from search access on the directory /var/www/hosting/iyoga.be/log/access_log. For complete SELinux messages.

run sealert -l cb05aa4b-3270-49e5-be6f-37c8a6cadc56

The first oddity to note is that /var/www/hosting/iyoga.be/log/access_log is not a directory, but a file.

Next I'm confused with the labels. The file is labeled system_u:object_r:httpd_log_t:s0, but the avc seems to complain about system_u:object_r:httpd_sys_content_t:s0

Currently installed packages:

selinux-policy-targeted-3.7.19-195.el6_4.5.noarch

awstats-7.0-3.el6.noarch

I have no idea what happens here, let alone how to fix it. Can anyone shed some more light on this ?

Thank you,

Geert