SELinux "allow httpd_t httpd_sys_content_t:dir write;"
Posted
by
alexus
on Server Fault
See other posts from Server Fault
or by alexus
Published on 2014-06-12T23:27:43Z
Indexed on
2014/06/13
3:27 UTC
Read the original article
Hit count: 478
I'm getting following message in my /var/log/audit/audit.log
:
type=AVC msg=audit(1402615093.053:68): avc: denied { write } for pid=799 comm="httpd" name="php" dev="xvda1" ino=8667365 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir
type=SYSCALL msg=audit(1402615093.053:68): arch=c000003e syscall=2 success=no exit=-13 a0=7f7a5ca697a8 a1=241 a2=1b6 a3=1 items=0 ppid=662 pid=799 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)
pipe audit2allow
outputs:
#============= httpd_t ==============
#!!!! This avc can be allowed using the boolean 'httpd_unified'
allow httpd_t httpd_sys_content_t:dir write;
How do I apply allow httpd_t httpd_sys_content_t:dir write;
to my current SELinux
policy?
© Server Fault or respective owner