Why httpd wants to access /boot?
Daniel J Walsh
dwalsh at redhat.com
Mon Aug 20 09:53:53 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/19/2012 02:09 PM, Georgios Petasis wrote:
> Hi all,
>
> I am getting this strange selinux denial, each time the httpd server is
> restarted:
>
> type=AVC msg=audit(1345399262.193:190): avc: denied { getattr } for
> pid=3900 comm="httpd" path="/boot" dev="sda2" ino=2
> scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:boot_t:s0
> tclass=dir
>
> Does anyone knows why is it trying to read /boot?
>
> grep "/boot" and "boot" in all files in /etc/httpd didn't show any
> matches.
>
> George
More then likely some kind of listing of / or is /boot a mount point, it could
be looking at all mount points. Usually these we dontaudit, since it is
probably just noice.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAyCTEACgkQrlYvE4MpobMxawCdHilpwFIoLXzp4U4y184WFc84
DcYAn2DRBfcBSoqCtYITpQViwneBE49t
=BOFV
-----END PGP SIGNATURE-----
More information about the users
mailing list