Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- SELinux is preventing /usr/bin/python3.6 from write access on the directory pulp.
- ***** Plugin catchall (100. confidence) suggests **************************
- If you believe that python3.6 should be allowed write access on the pulp directory by default.
- Then you should report this as a bug.
- You can generate a local policy module to allow this access.
- Do
- allow this access for now by executing:
- # ausearch -c 'gunicorn' --raw | audit2allow -M my-gunicorn
- # semodule -i my-gunicorn.pp
- Additional Information:
- Source Context system_u:system_r:pulpcore_server_t:s0
- Target Context system_u:object_r:httpd_sys_rw_content_t:s0
- Target Objects pulp [ dir ]
- Source gunicorn
- Source Path /usr/bin/python3.6
- Port <Unknown>
- Host dhcp-3-234.vms.sat.rdu2.redhat.com
- Source RPM Packages python3-3.6.8-18.el7.x86_64
- Target RPM Packages
- Policy RPM selinux-policy-3.13.1-268.el7_9.2.noarch
- Selinux Enabled True
- Policy Type targeted
- Enforcing Mode Permissive
- Host Name dhcp-3-234.vms.sat.rdu2.redhat.com
- Platform Linux dhcp-3-234.vms.sat.rdu2.redhat.com
- 3.10.0-1160.42.2.el7.x86_64 #1 SMP Tue Aug 31
- 20:15:00 UTC 2021 x86_64 x86_64
- Alert Count 1
- First Seen 2021-09-29 14:28:14 EDT
- Last Seen 2021-09-29 14:28:14 EDT
- Local ID 157deb62-b582-46d4-8e99-bd0d62e0ac48
- Raw Audit Messages
- type=AVC msg=audit(1632940094.937:1495): avc: denied { write } for pid=46901 comm="gunicorn" name="pulp" dev="vda1" ino=84324129 scontext=system_u:system_r:pulpcore_server_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=dir permissive=1
- type=AVC msg=audit(1632940094.937:1495): avc: denied { add_name } for pid=46901 comm="gunicorn" name="tmpgh9jihk8" scontext=system_u:system_r:pulpcore_server_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=dir permissive=1
- type=AVC msg=audit(1632940094.937:1495): avc: denied { create } for pid=46901 comm="gunicorn" name="tmpgh9jihk8" scontext=system_u:system_r:pulpcore_server_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=file permissive=1
- type=AVC msg=audit(1632940094.937:1495): avc: denied { read write open } for pid=46901 comm="gunicorn" path="/var/lib/pulp/tmpgh9jihk8" dev="vda1" ino=84369620 scontext=system_u:system_r:pulpcore_server_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=file permissive=1
- type=SYSCALL msg=audit(1632940094.937:1495): arch=x86_64 syscall=open success=yes exit=EFAULT a0=7f632fbb02d0 a1=a00c2 a2=180 a3=3 items=0 ppid=46879 pid=46901 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=4294967295 comm=gunicorn exe=/usr/bin/python3.6 subj=system_u:system_r:pulpcore_server_t:s0 key=(null)
- Hash: gunicorn,pulpcore_server_t,httpd_sys_rw_content_t,dir,write
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement