Advertisement
Guest User

Untitled

a guest
Jul 25th, 2017
74
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.22 KB | None | 0 0
  1. Mar 31 16:50:39 web1 setroubleshoot: SELinux is preventing /bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l be51d126-d70e-491f-9ec8-f897677d9989
  2.  
  3. SELinux is preventing /bin/ps from getattr access on the directory /proc/<pid>.
  4.  
  5. ***** Plugin catchall (100. confidence) suggests ***************************
  6.  
  7. If you believe that ps should be allowed getattr access on the <pid> directory by default.
  8. Then you should report this as a bug.
  9. You can generate a local policy module to allow this access.
  10. Do
  11. allow this access for now by executing:
  12. # grep ps /var/log/audit/audit.log | audit2allow -M mypol
  13. # semodule -i mypol.pp
  14.  
  15. type=SYSCALL msg=audit(1427837702.229:721164): arch=c000003e syscall=4 success=no exit=-13 a0=8164d0 a1=3eaee11cc0 a2=
  16. 3eaee11cc0 a3=8164d6 items=0 ppid=2792 pid=2800 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48
  17. fsgid=48 tty=(none) ses=4294967295 comm="ps" exe="/bin/ps" subj=system_u:system_r:httpd_t:s0 key=(null)
  18. type=AVC msg=audit(1427837702.219:721127): avc: denied { getattr } for pid=2800 comm="ps" path="/proc/875" dev=proc
  19. ino=9349054 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement