Red Hat Bugzilla – Bug 229150
avc errors for httpd on init level change
Last modified: 2007-11-30 17:11:57 EST
Description of problem: I booted into runlevel 1, then hit CTRL-d to change into runlevel 5. I got a lot of avc errors (attached). These names refer to files in a tree of custom Perl libraries that would be loaded on httpd start for mod_perl. RPM versions: kernel-2.6.19-1.2895.fc6 selinux-policy-2.4.6-37.fc6 selinux-policy-targeted-2.4.6-37.fc6 SELinux is set to "Permissive" in system-config-securitylevel, and I haven't changed the other settings there.
Created attachment 148299 [details] avc errors
I should add that I ran "rmmod bcm43xx" while in init level 1.
These avc indicate apache is trying to read files labeled user_home_t. Either it is reading off your home directory or you moved (mv) files off your home directory and now they are labeled incorrectly. Similarly it is trying to read a file named session_data which is labeled tmp_t, which httpd is not allowed to read. You need to change the file context on these files/directories to some thing httpd is allowed to use (httpd_sys_content_t) If you want httpd to run on port 81 you need to tell selinux about it semanage port -a -t http_port_t -p tcp 81