Hi,
I am trying to get Big Brother working on EL4. I have the following in
the httpd.conf
Alias /bb /home/bb/bb/www
With SELinux enabled I get the following in the logs when I try to access
the BB web page
:
Jun 25 18:44:24 pocono kernel: audit(1119739464.262:0): avc: denied { search } for
pid=20700 comm=httpd name=bb dev=dm-1 ino=6406600 scontext=root:system_r:httpd_t
tcontext=root:object_r:user_home_t tclass=dir
Jun 25 18:44:24 pocono kernel: audit(1119739464.262:0): avc: denied { getattr } for
pid=20700 comm=httpd path=/home/bb/bb dev=dm-1 ino=6406600 scontext=root:system_r:httpd_t
tcontext=root:object_r:user_home_t tclass=dir
Jun 25 18:44:27 pocono kernel: audit(1119739467.679:0): avc: denied { search } for
pid=23158 comm=httpd name=bb dev=dm-1 ino=6406600 scontext=root:system_r:httpd_t
tcontext=root:object_r:user_home_t tclass=dir
Jun 25 18:44:27 pocono kernel: audit(1119739467.679:0): avc: denied { getattr } for
pid=23158 comm=httpd path=/home/bb/bb dev=dm-1 ino=6406600 scontext=root:system_r:httpd_t
tcontext=root:object_r:user_home_t tclass=dir
If I disable SELinux for apache, I can access the BB web pages just fine.
I relabeled /home/bb/bb/www but I still get the errors.
(pocono pts31) # ll -Z ~bb/bb/www
-rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-ack.sh
-rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-hist.sh
-rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-histlog.sh
-rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-hostsvc.sh
-rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-rep.sh
-rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-replog.sh
-rw-rw-r-- bb bb user_u:object_r:user_home_t bb.html
-rw-rw-r-- bb bb user_u:object_r:user_home_t bb2.html
drwxr-xr-x bb bb root:object_r:httpd_sys_content_t gifs
drwxr-xr-x bb bb root:object_r:httpd_sys_content_t help
drwxr-xr-x bb bb root:object_r:httpd_sys_content_t html
-rw-r--r-- bb bb root:object_r:httpd_sys_content_t index.html
drwxr-xr-x bb bb root:object_r:httpd_sys_content_t newbldg
drwxr-xr-x bb bb root:object_r:httpd_sys_content_t notes
drwxrwxr-x bb apache root:object_r:httpd_sys_content_t rep
drwxr-xr-x bb bb root:object_r:httpd_sys_content_t reynolds
drwxr-xr-x bb bb root:object_r:httpd_sys_content_t rogueind
drwxr-xr-x bb bb root:object_r:httpd_sys_content_t routers
drwxr-xr-x bb bb root:object_r:httpd_sys_content_t xo
(pocono pts31) #
I tried relabeling bb.html and bb2.html but they keep reverting to
user_u:object_r:user_home_t. I suspect this is my problem but I am new
to SELinux so I am not sure.
Can someone suggest how to fix this??
Regards,
Tom Diehl tdiehl(a)rogueind.com Spamtrap address mtd123(a)rogueind.com
Show replies by date