-----BEGIN PGP SIGNED MESSAGE-----
On 10/21/2013 04:50 PM, m.roth(a)5-cent.us wrote:
Daniel J Walsh wrote:
> On 10/21/2013 04:28 PM, Daniel J Walsh wrote:
>> On 10/21/2013 04:24 PM, m.roth(a)5-cent.us wrote:
>>> The sealert tells me that a file named index.cgi is running avc on
>>> sysfs_t. Is there any tool that would get me the *full* path of
>>> index.cgi, as there are several of them, for several websites
>>> (including bugzilla)?
>>> CentOS 6.4.
>> You can turn on full auditing which should generate the path.
>> Or you can turn it on temporarily (Until next reboot)
>> auditctl -w /etc/shadow
> Here is a blog I wrote on this a few years back.
No joy, anywhere. I found some AVC's and looked at the inode...
/dev/char/203.11. And the sealert tells me only (for example) SELinux is
preventing /usr/bin/perl from read access on the file
Obviously, index.cgi is in perl....
-- selinux mailing list selinux(a)lists.fedoraproject.org
Well it would only happen after the next AVC.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----