Hi,
>> is this a problem with the policy for munin or my system in general?
>
> If you have already relabeled (and it sounds like you have) then yes, it
> would be a bug with selinux-policy.
>
> You can always generate a policy to workaround the issue with:
>
> $ audit2allow -M mypolicy
> [paste AVC message here]
> CTRL+D
> # semodule -i mypolicy.pp
In a previous message in this thread, I wrote that I had done just that:
# cat mylog
type=AVC msg=audit(1299774763.043:2272): avc: denied { getattr } for
pid=3245 comm="httpd" path="/etc/munin/htpasswd.users" dev=sda1
ino=3543833 scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:munin_etc_t:s0 tclass=file
type=AVC msg=audit(1299777304.684:2366): avc: denied { write } for
pid=12066 comm="munin_stats" name="munin_stats-127.0.0.1" dev=sda1
ino=3676145 scontext=unconfined_u:system_r:munin_t:s0
tcontext=system_u:object_r:munin_plugin_state_t:s0 tclass=file
# cat mylog | audit2allow -M mypol && semodule -i mypol.pp
******************** IMPORTANT ***********************
To make this policy package active, execute:
semodule -i mypol.pp
And it has no effect..
> I would suggest you collect all the information you can and open a bug
> report.
Does this still sound like a bug or am I doing something wrong?
Thanks,
Alex
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
