HI Russell
thanks a lot.
Another dummy question:
in the debian leeny there is polgen pkg,
http://packages.debian.org/lenny/polgen
but in sqeeze there is no polgen. where does it go? I guess I
installed all related selinux pkg, but could not find polgen
On Fri, 27 Apr 2012, Min Wang wrote:
> just wondering where is the tclass=sock_file defined?
In the refpolicy source it is in policy/flask/access_vectors .
>basically i have apache mod_tile want to access
>
> /var/run/renderd/renderd.sock ( from renderd)
>
> ls -lZ /var/run/renderd/
>
HI Russell
thanks a lot. that is really helpful.
just wondering where is the tclass=sock_file defined?
basically i have apache mod_tile want to access
/var/run/renderd/renderd.sock ( from renderd)
ls -lZ /var/run/renderd/
-rw-r--r--. apache apache system_u:object_r:initrc_var_run_t:s0
On Thu, 26 Apr 2012, Min Wang wrote:
> I have something in /var/log/audit/audit.log like:
>
> avc: denied { write } for pid=23739 comm="httpd" name="renderd.sock"
>dev=dm-0 ino=1183752 scontext=unconfined_u:system_r:httpd_t:s0
>tcontext=unconfined_u:object_r:var_run_t:s0 tclass=s
HI
I have something in /var/log/audit/audit.log like:
avc: denied { write } for pid=23739 comm="httpd" name="renderd.sock"
dev=dm-0 ino=1183752 scontext=unconfined_u:system_r:httpd_t:s0
tcontext=unconfined_u:object_r:var_run_t:s0 tclass=sock_file
use audit2allow it generates somethi
5 matches
Mail list logo