Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Re: Selinux is denying webalizer: msg#00104
|
Subject: |
Re: Selinux is denying webalizer |
Tomas Larsson wrote:
Selinux is denying webalizer one logfile.
I want webalizer to make a report of vsftps.log, but senlinux is denying
webalizer access to the file, what to do?
Webilizer is run as a cronjob as root.
A snip from auth.log
type=PATH msg=audit(1127509217.604:11185427): item=0 name="webalizer.conf"
flags=401 inode=32641 dev=fd:00 mode=042777 ouid=0 ogid=0 rdev=00:00
type=CRED_DISP msg=audit(1127509222.415:11193091): user pid=29417 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_END msg=audit(1127509222.416:11193110): user pid=29417 uid=0
auid=0 msg='PAM session close: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=AVC msg=audit(1127509223.373:11195697): avc: denied { search } for
pid=29635 comm="webalizer" name="root" dev=dm-0 ino=32641
scontext=root:system_r:webalizer_t tcontext=root:object_r:user_home_dir_t
tclass=dir
type=SYSCALL msg=audit(1127509223.373:11195697): arch=40000003 syscall=33
success=no exit=-13 a0=8060468 a1=0 a2=4a3ff4 a3=80617f0 items=1 pid=29635
auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="webalizer" exe="/usr/bin/webalizer"
type=CWD msg=audit(1127509223.373:11195697): cwd="/root"
type=PATH msg=audit(1127509223.373:11195697): item=0 name="webalizer.conf"
flags=401 inode=32641 dev=fd:00 mode=042777 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1127509223.410:11195998): avc: denied { search } for
pid=29637 comm="webalizer" name="root" dev=dm-0 ino=32641
scontext=root:system_r:webalizer_t tcontext=root:object_r:user_home_dir_t
tclass=dir
type=SYSCALL msg=audit(1127509223.410:11195998): arch=40000003 syscall=33
success=no exit=-13 a0=8060468 a1=0 a2=2fcff4 a3=80617f0 items=1 pid=29637
auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="webalizer" exe="/usr/bin/webalizer"
type=CWD msg=audit(1127509223.410:11195998): cwd="/root"
type=PATH msg=audit(1127509223.410:11195998): item=0 name="webalizer.conf"
flags=401 inode=32641 dev=fd:00 mode=042777 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1127509223.413:11196024): avc: denied { read } for
pid=29637 comm="webalizer" name="vsftpd.log" dev=dm-0 ino=1143800
scontext=root:system_r:webalizer_t tcontext=system_u:object_r:xferlog_t
tclass=file
type=SYSCALL msg=audit(1127509223.413:11196024): arch=40000003 syscall=5
success=no exit=-13 a0=8f6ff78 a1=8000 a2=1b6 a3=8f6f060 items=1 pid=29637
auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="webalizer" exe="/usr/bin/webalizer"
type=CWD msg=audit(1127509223.413:11196024): cwd="/root"
type=PATH msg=audit(1127509223.413:11196024): item=0
name="/var/log/vsftpd.log" flags=101 inode=1143800 dev=fd:00 mode=0100600
ouid=0 ogid=0 rdev=00:00
type=CRED_DISP msg=audit(1127509224.298:11197719): user pid=29420 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_END msg=audit(1127509224.299:11197742): user pid=29420 uid=0
auid=0 msg='PAM session close: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_ACCT msg=audit(1127509261.312:11221084): user pid=29715 uid=0
auid=4294967295 msg='PAM accounting: user=root exe="/usr/sbin/crond"
(hostname=?, addr=?, terminal=cron result=Success)'
type=LOGIN msg=audit(1127509261.314:11221153): login pid=29715 uid=0 old
auid=4294967295 new auid=0
type=USER_START msg=audit(1127509261.314:11221159): user pid=29715 uid=0
auid=0 msg='PAM session open: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=CRED_ACQ msg=audit(1127509261.314:11221168): user pid=29715 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=CRED_DISP msg=audit(1127509261.328:11221481): user pid=29715 uid=0
auid=0 msg='PAM setcred: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
type=USER_END msg=audit(1127509261.329:11221500): user pid=29715 uid=0
auid=0 msg='PAM session close: user=root exe="/usr/sbin/crond" (hostname=?,
addr=?, terminal=cron result=Success)'
With best regards
Tomas Larsson
Sweden
Verus Amicus Est Tamquam Alter Idem
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
That seems legitimate. I will add to policy.
--
|
| |
