Red Hat Bugzilla – Bug 987007
nginx-1.0.15-4.el6 update breaks awstats SELinux policy
Last modified: 2015-04-20 14:03:21 EDT
The fix for bug #913736 breaks the awstats SELinux policy and awstats_updateall.pl script run from the awstats cronjob can no longer access the logfiles in /var/log/nginx due to the overly strict permissions on that directory. root lacks read/execute permissions on that directory and the awstats SELinux policy does not grant the dac_override capability.
Please fix this by making /var/log/nginx group-owned by root and giving the root group read and execute permissions.