Bug 485867
| Summary: | selinux-policy-targeted-3.5.13-44.fc10.noarch logrotate OCS Inventory Server audit message | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | vikram goyal <vikigoyal> | ||||
| Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> | ||||
| Status: | CLOSED NOTABUG | QA Contact: | Ben Levenson <benl> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | 10 | CC: | dnovotny, stanl | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | i386 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2009-02-25 15:30:22 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Are you sure this directory is labeled correctly? matchpathcon /var/log/ocsinventory-server /var/log/ocsinventory-server system_u:object_r:httpd_log_t:s0 This looks like local customization? *** Bug 487186 has been marked as a duplicate of this bug. *** Looking at the post installs of ocsinventory-server
rpm -qf --scripts /var/log/ocsinventory-server
postinstall scriptlet (using /bin/sh):
(
# New File context
semanage fcontext -a -s system_u -t httpd_log_t -r s0 "/var/log/ocsinventory-server(/.*)?"
# files created by app
restorecon -R /var/log/ocsinventory-server
) &>/dev/null ||:
postuninstall scriptlet (using /bin/sh):
if [ "$1" -eq "0" ]; then
# Remove the File Context
semanage fcontext -d "/var/log/ocsinventory-server(/.*)?" &>/dev/null || :
fi
So you definitely have labeled this differently.
If I did it certainly wasn't intentional. How would I do that? As I said in the other bug, I ran restorecon -v /var/log/ocsinventory-server. Is there another command that might have the side effect of changing this? What does ls -lZ /var/log/ocsinventory-server Say now? It returns nothing after the ./autorelabel I did on reboot to pick up the latest test kernel. That is, it returns a new command prompt immediately. It's like I don't have any access there anymore. If I run ls -lZ /var/log | less as root I get the result below: drwxr-xr-x apache root system_u:object_r:httpd_sys_content_rw_t:s0 ocsinventory-server |
Created attachment 332175 [details] audit message Description of problem: selinux-policy-targeted-3.5.13-44.fc10.noarch logrotate OCS Inventory Server audit message Version-Release number of selected component (if applicable): selinux-policy-targeted-3.5.13-44.fc10.noarch ocsinventory-server-1.02-0.10.rc3.fc10.noarch logrotate-3.7.7-1.fc10.i386 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: