[katello-devel] help wanted with mod_passenger
Miroslav Grepl
mgrepl at redhat.com
Mon Nov 12 15:47:03 UTC 2012
On 11/12/2012 03:39 PM, Miroslav Suchý wrote:
> On 11/12/2012 01:49 PM, Miroslav Grepl wrote:
>> This is a labeling problem with
>> "selinux-policy-3.7.19-155.el6_3.6.noarch." which has been fixed in the
>> latest builds for RHEL6.4
>
> Even with
> selinux-policy-3.7.19-179.el6.noarch
> I'm getting:
>
> type=AVC msg=audit(1352728416.836:1192): avc: denied { getattr } for
> pid=14782 comm="ruby" path="/bin/alsaunmute" dev=dm-0 ino=527992
> scontext=unconfined_u:system_r:passenger_t:s0
> tcontext=system_u:object_r:alsa_exec_t:s0 tclass=file
> type=AVC msg=audit(1352728416.857:1193): avc: denied { getattr } for
> pid=14782 comm="ruby"
> path="/lib/modules/2.6.32-279.14.1.el6.x86_64/modules.isapnpmap"
> dev=dm-0 ino=794486 scontext=unconfined_u:system_r:passenger_t:s0
> tcontext=unconfined_u:object_r:modules_dep_t:s0 tclass=file
>
> where pid 14782 is
>
> 14780 ? Sl 0:00 PassengerHelperAgent
> 14782 ? S 0:00 \_ Passenger spawn server
> 14785 ? Sl 0:00 PassengerLoggingAgent
> 14793 ? S 0:00 PassengerWatchdog
> 14794 ? Ss 0:00 /usr/sbin/httpd
> 14796 ? Ssl 0:00 \_ PassengerWatchdog
> 14799 ? Sl 0:00 | \_ PassengerHelperAgent
> 14801 ? S 0:00 | | \_ Passenger spawn server
> 14805 ? Sl 0:00 | \_ PassengerLoggingAgent
>
> This happen non-deterministic. But will pop up if you start/stop httpd
> two or three times in row.
> Is there some BZ, so I can move there?
>
>
Yes, it makes sense. Basically I would like to see all AVC msgs in
permissive mode to know if a boolean is needed for them.
You can open a new bug for RHEL6.4.
Thanks.
More information about the katello-devel
mailing list