Denied for com='ps' name='stat' {open} {read} {search}
Frank Licea
francisco.licea at gmail.com
Sun Dec 26 20:00:56 UTC 2010
I'm on a fresh install of Fedora 14 and using phusion passenger. I currently
have SELinux in permissive mode.
When I checked my /var/log/audit/audit.log file I noticed three denial
messages and I can't figure out why they are there. Has anyone encountered
anything similar before?
==========================
type=AVC msg=audit(1293393237.358:102): avc: denied { search } for
pid=3451 comm="ps" name="3279" dev=proc ino=9320
scontext=system_u:system_r:httpd_t:s0
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=dir
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this
access.
type=AVC msg=audit(1293393237.358:102): avc: denied { read } for pid=3451
comm="ps" name="stat" dev=proc ino=9816
scontext=system_u:system_r:httpd_t:s0
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this
access.
type=AVC msg=audit(1293393237.358:102): avc: denied { open } for pid=3451
comm="ps" name="stat" dev=proc ino=9816
scontext=system_u:system_r:httpd_t:s0
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this
access.
==========================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/selinux/attachments/20101226/5839de56/attachment.html
More information about the selinux
mailing list