Description of problem: SELinux is preventing /usr/sbin/httpd from 'search' accesses on the directory /var/log/lightdm. ***** Plugin catchall (100. confidence) suggests *************************** If si crede che httpd dovrebbe avere possibilità di accesso search sui lightdm directory in modo predefinito. Then si dovrebbe riportare il problema come bug. E' possibile generare un modulo di politica locale per consentire questo accesso. Do consentire questo accesso per il momento eseguendo: # grep httpd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:httpd_t:s0 Target Context system_u:object_r:xserver_log_t:s0 Target Objects /var/log/lightdm [ dir ] Source httpd Source Path /usr/sbin/httpd Port <Sconosciuto> Host (removed) Source RPM Packages httpd-2.4.6-2.fc19.i686 Target RPM Packages lightdm-1.6.2-1.fc19.i686 Policy RPM selinux-policy-3.12.1-74.3.fc19.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.11.1-200.fc19.i686.PAE #1 SMP Sat Sep 14 15:20:42 UTC 2013 i686 i686 Alert Count 172 First Seen 2013-06-27 08:57:33 CEST Last Seen 2013-09-22 07:22:03 CEST Local ID 065ec2ba-dce7-4550-8ecc-8096b61f1a6c Raw Audit Messages type=AVC msg=audit(1379827323.69:511): avc: denied { search } for pid=2557 comm="httpd" name="lightdm" dev="dm-1" ino=1319699 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:xserver_log_t:s0 tclass=dir type=SYSCALL msg=audit(1379827323.69:511): arch=i386 syscall=stat64 success=no exit=EACCES a0=b7f52a40 a1=bf8140d0 a2=b7416000 a3=bf8140d0 items=0 ppid=934 pid=2557 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 ses=4294967295 tty=(none) comm=httpd exe=/usr/sbin/httpd subj=system_u:system_r:httpd_t:s0 key=(null) Hash: httpd,httpd_t,xserver_log_t,dir,search Additional info: reporter: libreport-2.1.7 hashmarkername: setroubleshoot kernel: 3.11.1-200.fc19.i686.PAE type: libreport Potential duplicate: bug 912001
*** This bug has been marked as a duplicate of bug 912001 ***