Re: FC3 and selinux


 



Hans Müller wrote:

Why is /etc/php.ini a link file?


It is a link file because I have installed the Zend Optimizer.


Ok I will add the privs to do this.



And at step 5 I have an entry with the avc: denied messages.
This is what I have found:
Mar  9 13:19:00 homer kernel: audit(1110370740.023:0): avc:  denied  { unlink } for  pid=5797 exe=/usr/sbin/httpd name=ssl_mutex.5797 dev=hda1 ino=1063633 scontext=root:system_r:httpd_t tcontext=root:object_r:httpd_log_t tclass=file




Is there a way to get these files created somewhere else? We might need
to change policy, but allowing httpd the ability to unlink log files
is not an option, since this would allow a cracker to clean up his tracks.



I think no. The logfiles the since FC2 can it be that I have to do something with the logfiles??


No, the problem is the mutex files. You could clean those up in the init scripts, but the problem is that httpd is creating
those files in the /etc/httpd/logs directory, which gives them a file context of httpd_log_t, which is the same as the log files.
So in order to delete them, httpd needs the ability to delete httpd_log_t, which would allow it to delete its log files.


--
Learn, Network and Experience Open Source.
Red Hat Summit, New Orleans 2005
http://www.redhat.com/promo/summit/
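
An added example, not part of the original message: a small Python parser for the AVC denial quoted above that derives the allow rule the denial implies and rejects it when it would let a domain remove or rewrite files carrying a log type. The function names, the TAMPER_PERMS set and the default log_types tuple are assumptions made for this sketch.

```python
import re

# The denial from the message above, with its wrapped lines rejoined.
SAMPLE = ("Mar  9 13:19:00 homer kernel: audit(1110370740.023:0): avc:  denied  "
          "{ unlink } for  pid=5797 exe=/usr/sbin/httpd name=ssl_mutex.5797 "
          "dev=hda1 ino=1063633 scontext=root:system_r:httpd_t "
          "tcontext=root:object_r:httpd_log_t tclass=file")

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)")

# Assumption: permissions that would let a domain destroy or rewrite evidence.
TAMPER_PERMS = {"unlink", "rename", "write", "setattr"}

def _sel_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else None

def parse_avc(line):
    """Parse one 'avc: denied' line into its policy-relevant fields."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    fields = dict(kv.split("=", 1) for kv in m.group("rest").split() if "=" in kv)
    return {
        "perms": m.group("perms").split(),
        "source_type": _sel_type(fields.get("scontext", "")),
        "target_type": _sel_type(fields.get("tcontext", "")),
        "tclass": fields.get("tclass"),
        "name": fields.get("name"),
    }

def implied_rule(d):
    """The allow rule that would silence this denial."""
    return "allow %s %s:%s { %s };" % (
        d["source_type"], d["target_type"], d["tclass"], " ".join(d["perms"]))

def review(d, log_types=("httpd_log_t",)):
    """Reject rules that grant tamper permissions on a log type.

    The rule is type-wide: it cannot tell ssl_mutex.* apart from the real
    logs, because both carry the same label inherited from the directory.
    """
    risky = sorted(TAMPER_PERMS & set(d["perms"]))
    if d["target_type"] in log_types and risky:
        return "REJECT: %s on %s also covers the log files, not only %s" % (
            ",".join(risky), d["target_type"], d["name"])
    return "ok"

if __name__ == "__main__":
    denial = parse_avc(SAMPLE)
    print(implied_rule(denial))
    print(review(denial))
```
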

