Project

General

Profile

Actions
Copy link

Bug #7198

closed

Socket read and write on RHEL7

Added by Lukas Zapletal over 9 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Lukas Zapletal
Category:
Packaging
Target version:
1.6.0
Difficulty:
easy
Triaged:
Bugzilla link:
1132495
Pull request:
https://github.com/theforeman/foreman-selinux/pull/30
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

time->Wed Aug 20 18:00:12 2014
type=SYSCALL msg=audit(1408572012.231:413): arch=c000003e syscall=59 success=yes exit=0 a0=7f86e7fcf748 a1=7fffcce946f0 a2=7fff
cce97570 a3=8 items=0 ppid=19658 pid=19659 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) s
es=4294967295 comm="PassengerWatchd" exe="/usr/lib64/gems/ruby/passenger-4.0.18/agents/PassengerWatchdog" subj=system_u:system_
r:passenger_t:s0 key=(null)
type=AVC msg=audit(1408572012.231:413): avc:  denied  { noatsecure } for  pid=19659 comm="PassengerWatchd" scontext=system_u:sy
stem_r:httpd_t:s0 tcontext=system_u:system_r:passenger_t:s0 tclass=process
type=AVC msg=audit(1408572012.231:413): avc:  denied  { siginh } for  pid=19659 comm="PassengerWatchd" scontext=system_u:system
_r:httpd_t:s0 tcontext=system_u:system_r:passenger_t:s0 tclass=process
type=AVC msg=audit(1408572012.231:413): avc:  denied  { rlimitinh } for  pid=19659 comm="PassengerWatchd" scontext=system_u:sys
tem_r:httpd_t:s0 tcontext=system_u:system_r:passenger_t:s0 tclass=process
type=AVC msg=audit(1408572012.231:413): avc:  denied  { read write } for  pid=19659 comm="PassengerWatchd" path="socket:[98770]" dev="sockfs" ino=98770 scontext=system_u:system_r:passenger_t:s0 tcontext=system_u:system_r:httpd_t:s0 tclass=unix_stream_socket

allow passenger_t httpd_t:unix_stream_socket { read write };

Related issues 1 (0 open1 closed)

Related to SELinux - Tracker #7249: Policy with workarounds for Foreman w/ KatelloClosedLukas Zapletal08/25/2014

Actions
Actions
Copy link

Also available in: Atom PDF