[prev in list] [next in list] [prev in thread] [next in thread] 

List:       selinux
Subject:    Re: avc: denied
From:       Russell Coker <russell () coker ! com ! au>
Date:       2002-12-25 0:51:44
[Download RAW message or body]

On Wed, 25 Dec 2002 01:47, Subba Rao wrote:
> I downloaded your policy.tgz and compared the "mrtg.fc" file with the your
> file. They are the same.

OK, it's your system that is weird then.

> In the listed example, you are seeing only mrtg, but there are lot more
> than the MRTG errors (or messages).

I have just noticed that the error message below concerns crond_t which means 
that the cron job is not running in the correct context.  I guess that you 
aren't using the modified crond.

You need modified utilities to rotate log files, run cron jobs, and login.  
Without the SE Linux modified utilities things won't work.

> ======= At 2002-12-22, 16:52:00 you wrote: =======
>
> >On Sun, 22 Dec 2002 15:58, Subba Rao wrote:
> >> ===================
> >> avc:  denied  { search } for  pid=848 exe=/usr/bin/perl
> >> path=/var/www/mrtg dev=03:01 ino=272926
> >> scontext=system_u:system_r:crond_t
> >> tcontext=system_u:object_r:httpd_sys_content_t tclass=dir
> >
> >Did you install my mrtg policy?
>
> = = = = = = = = = = = = = = = = = = = =

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]