Re: Bug 539519: selinux doesn't like httpd trying to read /var/run/pcscd.pid

Monday, 22 October 2012


-------- Original Message --------
From: Daniel J Walsh <dwalsh(a)redhat.com&gt;
...
On 10/19/2012 10:48 AM, m.roth(a)5-cent.us wrote:
 From: Daniel J Walsh <dwalsh(a)redhat.com&gt; On 10/17/2012 01:22 PM,
 m.roth(a)5-cent.us wrote:
> Daniel J Walsh wrote:
>> On 10/17/2012 11:48 AM, m.roth(a)5-cent.us wrote:
>>
>> Did you check the label on  /var/run/pcscd.pid?  What is the actual
>> avc you are seeing?
> -rw-r--r--. root root system_u:object_r:pcscd_var_run_t:s0
> /var/run/pcscd.pid
>
> And the sealert shows just the catchall.
>
> SELinux is preventing /usr/sbin/httpd from read access on the file
> /var/run/pcscd.pid.
>
> *****  Plugin catchall (100. confidence)
> Can you execute
> ausearch -m avc 
I think this is a sample of what you were asking for:
time->Fri Oct 19 00:45:01 2012
type=SYSCALL msg=audit(1350621901.305:71913): arch=c000003e syscall=2
success=ye
s exit=18 a0=7f0ebf4a6e22 a1=0 a2=1b6 a3=0 items=0 ppid=6184 pid=6247
auid=42949
67295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48
tty=(none)
 ses=4294967295 comm="httpd" exe="/usr/sbin/httpd"
subj=system_u:system_r:httpd_
t:s0 key=(null)
type=AVC msg=audit(1350621901.305:71913): avc:  denied  { open } for 
pid=6247 c
omm="httpd" name="pcscd.pid" dev=sda3 ino=81412261
scontext=system_u:system_r:ht
tpd_t:s0 tcontext=system_u:object_r:pcscd_var_run_t:s0 tclass=file
type=AVC msg=audit(1350621901.305:71913): avc:  denied  { read } for 
pid=6247 c
omm="httpd" name="pcscd.pid" dev=sda3 ino=81412261
scontext=system_u:system_r:ht
tpd_t:s0 tcontext=system_u:object_r:pcscd_var_run_t:s0 tclass=file

   mark

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004