SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Skip Research Menus

Research Menu

Research Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List RE: apache-ssl mods for Debian This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] [ Replies ] From: Ed Street <edstreet_at_street-tek.com> Date: Mon, 12 Apr 2004 16:14:42 -0400 Hello, This time I get the following. When I start apache-ssl, run_init /etc/init.d/apache-ssl I get the following. avc: denied { read } for pid=12580 exe=/usr/sbin/run_init path=pipe:[4995] dev= ino=4995 scontext=blacknet:sysadm_r:run_init_t tcontext=blacknet:sysadm_r:sysadm_su_t tclass=fifo_file avc: denied { getattr } for pid=12580 exe=/usr/sbin/run_init path=/proc/12580/mounts dev= ino=824442896 scontext=blacknet:sysadm_r:run_init_t tcontext=blacknet:sysadm_r:run_init_t tclass=file avc: denied { getattr } for pid=12581 exe=/sbin/unix_chkpwd path=/proc/12581/mounts dev= ino=824508432 scontext=blacknet:sysadm_r:sysadm_chkpwd_t tcontext=blacknet:sysadm_r:sysadm_chkpwd_t tclass=file avc: denied { read } for pid=12583 exe=/bin/bash name=selinux dev=hda3 ino=1785904 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:policy_src_t tclass=lnk_file avc: denied { read } for pid=12582 exe=/bin/bash name=selinux dev=hda3 ino=1785904 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:policy_src_t tclass=lnk_file avc: denied { search } for pid=12587 exe=/usr/sbin/apache-ssl name=apache-ssl dev=hda3 ino=2457683 scontext=system_u:system_r:httpd_t tcontext=system_u:object_r:httpd_exec_t tclass=dir avc: denied { search } for pid=12588 exe=/usr/sbin/apache-ssl name=apache-ssl dev=hda3 ino=2457683 scontext=system_u:system_r:httpd_t tcontext=system_u:object_r:httpd_exec_t tclass=dir avc: denied { search } for pid=12589 exe=/usr/sbin/apache-ssl name=apache-ssl dev=hda3 ino=2457683 scontext=system_u:system_r:httpd_t tcontext=system_u:object_r:httpd_exec_t tclass=dir avc: denied { search } for pid=12591 exe=/usr/sbin/apache-ssl name=apache-ssl dev=hda3 ino=2457683 scontext=system_u:system_r:httpd_t tcontext=system_u:object_r:httpd_exec_t tclass=dir When I lynx https://localhost/ I get the following. avc: denied { write } for pid=12592 exe=/usr/sbin/apache-ssl name=gcache_port dev=hda3 ino=2539552 scontext=system_u:system_r:httpd_t tcontext=system_u:object_r:var_run_t tclass=sock_file This is why I used r_dir_file and the exec line, it was the closest match I could find to what I needed. Ed --- Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.656 / Virus Database: 421 - Release Date: 4/9/2004 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Mon 12 Apr 2004 - 16:15:12 EDT This message: [ Message body ] Next message: Tom Mitchell: "Re: Logo Artwork for SELinux?" Previous message: todd glassey: "Re: Logo Artwork for SELinux?" In reply to: Russell Coker: "Re: apache-ssl mods for Debian" Next in thread: Russell Coker: "Re: apache-ssl mods for Debian" Reply: Russell Coker: "Re: apache-ssl mods for Debian" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom