I'm still a bit new to selinux, so apologies if this is a silly
question. I've been running httpd in the past, but I've recently had
errors accessing my mythweb folder (lots of permission denied
messages) with the following logged in /var/log/messages:
Jun 11 19:11:16 agora kernel: audit(1118542276.660:0): avc: denied {
write } for pid=19303 exe=/usr/sbin/httpd name=image_cache dev=sda1
ino=1392658 scontext=root:system_r:httpd_t tcontext=system_u:object_r:httpd_sys_content_t
tclass=dir
this is from the php scripts in mythweb attempting to write to an
image cache, which is also under the mythweb folder. httpd_unified is
set to 1, so I would have thought any write call by httpd would be
allowed... but I'm obviously missing something simple. Would putting:
allow httpd_t httpd_sys_content_t:dir write;
in my policy be an appropriate solution?
Thanks for any help,
Tim F
Show replies by date