Hi
I'm hoping someone can help me with this. I'm running a process that's
getting the following violations:
Feb 7 11:54:34 jupiter kernel: audit(1170849274.441:2160): avc:
denied { getattr } for pid=11754 comm="beltane_cp" name="yule"
dev=sda3 ino=145930 scontext=root:system_r:httpd_sys_script_t
tcontext=system_u:object_r:var_lib_t tclass=dir
Feb 7 11:54:35 jupiter kernel: audit(1170849275.859:2161): avc:
denied { getsession } for pid=27224 comm="httpd"
scontext=root:system_r:httpd_t tcontext=root:system_r:unconfined_t
tclass=process
What I did next was to run the following:
audit2allow -i /var/log/messages
and I get the following output
allow httpd_sys_script_t var_lib_t:dir getattr;
allow httpd_t unconfined_t:process getsession;
Which I enter into
/etc/selinux/targeted/src/policy/domains/misc/local.te
Then from the policy directory I run
make load
Upon which I get the following error
/usr/bin/checkpolicy -o /etc/selinux/targeted/policy/policy.18 policy.conf
/usr/bin/checkpolicy: loading policy configuration from policy.conf
security: 3 users, 4 roles, 355 types, 26 bools
security: 55 classes, 22619 rules
assertion on line 25169 violated by allow httpd_t unconfined_t:process
{ getsession };
make: *** [/etc/selinux/targeted/policy/policy.18] Error 1
I don't know what this means, I've tried to look it up i.e google
search, but to no avail. Any ideas?
Thanks in advance
Dan
