Package: selinux-policy-refpolicy-targeted
Version: 0.0.20070507-5
Severity: normal
munin module lacks the rule allowing apache to read it's files under
/var/www/munin, what
I understant from selinux refpolicy sources apache should be allowed to read
files
generated by munin.
Currently in permissive mode selinux generates following errors when accessing
munin with
apache:
audit(1184908713.367:669): avc: denied { search } for pid=16948
comm="apache2"
name="munin" dev=dm-0 ino=504656 scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:munin_var_lib_t:s0 tclass=dir
audit(1184908713.367:670): avc: denied { getattr } for pid=16948
comm="apache2"
name="depili.fi.html" dev=dm-0 ino=146039 scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:munin_var_lib_t:s0 tclass=file
audit(1184908713.367:671): avc: denied { read } for pid=16948 comm="apache2"
name="depili.fi.html" dev=dm-0 ino=146039 scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:munin_var_lib_t:s0 tclass=file
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.22.1 (SMP w/2 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages selinux-policy-refpolicy-targeted depends on:
ii libpam-modules 0.79-4 Pluggable Authentication Modules f
ii libselinux1 2.0.15-2+b1 SELinux shared libraries
ii policycoreutils 2.0.16-1 SELinux core policy utilities
ii python 2.4.4-6 An interactive high-level object-o
Versions of packages selinux-policy-refpolicy-targeted recommends:
ii checkpolicy 2.0.2-1 SELinux policy compiler
ii setools 2.4-3 Tresys tools for managing Security
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
