Bug 485867 - selinux-policy-targeted-3.5.13-44.fc10.noarch logrotate OCS Inventory Server audit message
selinux-policy-targeted-3.5.13-44.fc10.noarch logrotate OCS Inventory Server ...
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
i386 Linux
low Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2009-02-17 00:20 EST by vikram goyal
Modified: 2009-02-25 15:04 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-02-25 10:30:22 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
audit message (2.86 KB, text/plain)
2009-02-17 00:20 EST, vikram goyal
no flags Details

  None (edit)
Description vikram goyal 2009-02-17 00:20:35 EST
Created attachment 332175 [details]
audit message

Description of problem:
selinux-policy-targeted-3.5.13-44.fc10.noarch logrotate OCS Inventory Server audit message

Version-Release number of selected component (if applicable):


How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
Comment 1 Daniel Walsh 2009-02-17 08:55:24 EST
Are you sure this directory is labeled correctly?

 matchpathcon  /var/log/ocsinventory-server
/var/log/ocsinventory-server	system_u:object_r:httpd_log_t:s0

This looks like local customization?
Comment 2 Miroslav Grepl 2009-02-25 07:56:35 EST
*** Bug 487186 has been marked as a duplicate of this bug. ***
Comment 3 Daniel Walsh 2009-02-25 10:30:22 EST
Looking at the post installs of ocsinventory-server

rpm -qf --scripts /var/log/ocsinventory-server
postinstall scriptlet (using /bin/sh):
# New File context
semanage fcontext -a -s system_u -t httpd_log_t -r s0 "/var/log/ocsinventory-server(/.*)?" 
# files created by app
restorecon -R /var/log/ocsinventory-server
) &>/dev/null ||:
postuninstall scriptlet (using /bin/sh):
if [ "$1" -eq "0" ]; then
    # Remove the File Context
    semanage fcontext -d "/var/log/ocsinventory-server(/.*)?" &>/dev/null || :

So you definitely have labeled this differently.
Comment 4 stanl 2009-02-25 11:08:33 EST
If I did it certainly wasn't intentional.  How would I do that?  As I said in the other bug, I ran restorecon -v /var/log/ocsinventory-server.  Is there another command that might have the side effect of changing this?
Comment 5 Daniel Walsh 2009-02-25 11:21:33 EST
What does ls -lZ /var/log/ocsinventory-server

Say now?
Comment 6 stanl 2009-02-25 15:04:48 EST
It returns nothing after the ./autorelabel I did on reboot to pick up the latest test kernel.  That is, it returns a new command prompt immediately.  It's like I don't have any access there anymore.

If I run ls -lZ /var/log | less as root I get the result below:

drwxr-xr-x  apache root system_u:object_r:httpd_sys_content_rw_t:s0 ocsinventory-server

Note You need to log in before you can comment on or make changes to this bug.