Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Mar 31 16:50:39 web1 setroubleshoot: SELinux is preventing /bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l be51d126-d70e-491f-9ec8-f897677d9989
- SELinux is preventing /bin/ps from getattr access on the directory /proc/<pid>.
- ***** Plugin catchall (100. confidence) suggests ***************************
- If you believe that ps should be allowed getattr access on the <pid> directory by default.
- Then you should report this as a bug.
- You can generate a local policy module to allow this access.
- Do
- allow this access for now by executing:
- # grep ps /var/log/audit/audit.log | audit2allow -M mypol
- # semodule -i mypol.pp
- type=SYSCALL msg=audit(1427837702.229:721164): arch=c000003e syscall=4 success=no exit=-13 a0=8164d0 a1=3eaee11cc0 a2=
- 3eaee11cc0 a3=8164d6 items=0 ppid=2792 pid=2800 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48
- fsgid=48 tty=(none) ses=4294967295 comm="ps" exe="/bin/ps" subj=system_u:system_r:httpd_t:s0 key=(null)
- type=AVC msg=audit(1427837702.219:721127): avc: denied { getattr } for pid=2800 comm="ps" path="/proc/875" dev=proc
- ino=9349054 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement