Bug 168349
Summary: | External ACL-Files are ignored if they are stored under the home-directory | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Alex Pircher <alexander_pircher> |
Component: | squid | Assignee: | Martin Stransky <stransky> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4 | Keywords: | Security |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-09-19 08:04:10 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Alex Pircher
2005-09-15 10:11:50 UTC
Seems that SELinux get's the hand on it, in the audit.log I've found: type=PATH msg=audit(1126778838.221:11646933): item=0 name="/home/domains.txt" flags=101 inode=5439489 dev=fd:00 mode=040755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1126778870.293:4650569): avc: denied { search } for pid=21036 comm="squid" name="home" dev=dm-0 ino=5439489 scontext=root:system_r:squid_t tcontext=system_u:object_r:home_root_t tclass=dir Sure, the essential function of the selinux is disabling access to directories which aren't explicidly allowed for access. |