Resúmen: SELinux is preventing /usr/sbin/httpd "setattr" access on zend_cache---internal-metadatas---Zend_LocaleL_es_ES_month_gregorian_format_abbreviated. Descripción Detallada: SELinux denied access requested by httpd. It is not expected that this access is required by httpd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Permitiendo Acceso: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Información Adicional: Contexto Fuente unconfined_u:system_r:httpd_t:s0 Contexto Destino unconfined_u:object_r:user_tmp_t:s0 Objetos Destino zend_cache---internal-metadatas---Zend_LocaleL_es_ ES_month_gregorian_format_abbreviated [ file ] Fuente httpd Dirección de Fuente /usr/sbin/httpd Puerto <Desconocido> Nombre de Equipo (removed) Paquetes RPM Fuentes httpd-2.2.14-1.fc12 Paquetes RPM Destinos RPM de Políticas selinux-policy-3.6.32-113.fc12 SELinux Activado True Tipo de Política targeted Modo Obediente Enforcing Nombre de Plugin catchall Nombre de Equipo (removed) Plataforma Linux (removed) 2.6.32.11-99.fc12.i686.PAE #1 SMP Mon Apr 5 16:15:03 EDT 2010 i686 i686 Cantidad de Alertas 5 Visto por Primera Vez vie 07 may 2010 20:06:05 CEST Visto por Última Vez vie 07 may 2010 20:06:05 CEST ID Local 6197535e-b075-4176-9b2c-a423521381c9 Números de Línea Mensajes de Auditoría Crudos node=(removed) type=AVC msg=audit(1273255565.253:103): avc: denied { setattr } for pid=3091 comm="httpd" name="zend_cache---internal-metadatas---Zend_LocaleL_es_ES_month_gregorian_format_abbreviated" dev=sda9 ino=312151 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1273255565.253:103): arch=40000003 syscall=15 success=no exit=-13 a0=b55171c0 a1=180 a2=b713ee4c a3=b5518654 items=0 ppid=3079 pid=3091 auid=500 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=1 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) Hash String generated from catchall,httpd,httpd_t,user_tmp_t,file,setattr audit2allow suggests: #============= httpd_t ============== allow httpd_t user_tmp_t:file setattr;
I think you have files that are mislabeled? zend_caceh* Where are these located? If you run restorecon -v zend_cache* Does the context change?
(In reply to comment #1) > I think you have files that are mislabeled? zend_caceh* Where are these > located? If you run restorecon -v zend_cache* Does the context change? I'm not able to find such file in my filesystem or were it could be. But i've googled a bit andiIt looks like is something related with the ZendFramework (http://framework.zend.com) library I use in a php web site i'm working with. I think you are right and I have some labeling problem. I have the web site files inside my user account and I have manually set the context httpd_sys_content_t over those files so i can test locally the site with httpd.
Ok if it happens again, reopen the bug, or run restorecon on the file, should fix.