API tools faq
paste
Advertisement
mikedep333

Untitled

mikedep333
Sep 29th, 2021
362
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.13 KB | None | 0 0
raw download clone embed print report
  1. SELinux is preventing /usr/bin/python3.6 from write access on the directory pulp.
  2.  
  3. ***** Plugin catchall (100. confidence) suggests **************************
  4.  
  5. If you believe that python3.6 should be allowed write access on the pulp directory by default.
  6. Then you should report this as a bug.
  7. You can generate a local policy module to allow this access.
  8. Do
  9. allow this access for now by executing:
  10. # ausearch -c 'gunicorn' --raw | audit2allow -M my-gunicorn
  11. # semodule -i my-gunicorn.pp
  12.  
  13.  
  14. Additional Information:
  15. Source Context system_u:system_r:pulpcore_server_t:s0
  16. Target Context system_u:object_r:httpd_sys_rw_content_t:s0
  17. Target Objects pulp [ dir ]
  18. Source gunicorn
  19. Source Path /usr/bin/python3.6
  20. Port <Unknown>
  21. Host dhcp-3-234.vms.sat.rdu2.redhat.com
  22. Source RPM Packages python3-3.6.8-18.el7.x86_64
  23. Target RPM Packages
  24. Policy RPM selinux-policy-3.13.1-268.el7_9.2.noarch
  25. Selinux Enabled True
  26. Policy Type targeted
  27. Enforcing Mode Permissive
  28. Host Name dhcp-3-234.vms.sat.rdu2.redhat.com
  29. Platform Linux dhcp-3-234.vms.sat.rdu2.redhat.com
  30. 3.10.0-1160.42.2.el7.x86_64 #1 SMP Tue Aug 31
  31. 20:15:00 UTC 2021 x86_64 x86_64
  32. Alert Count 1
  33. First Seen 2021-09-29 14:28:14 EDT
  34. Last Seen 2021-09-29 14:28:14 EDT
  35. Local ID 157deb62-b582-46d4-8e99-bd0d62e0ac48
  36.  
  37. Raw Audit Messages
  38. type=AVC msg=audit(1632940094.937:1495): avc: denied { write } for pid=46901 comm="gunicorn" name="pulp" dev="vda1" ino=84324129 scontext=system_u:system_r:pulpcore_server_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=dir permissive=1
  39.  
  40.  
  41. type=AVC msg=audit(1632940094.937:1495): avc: denied { add_name } for pid=46901 comm="gunicorn" name="tmpgh9jihk8" scontext=system_u:system_r:pulpcore_server_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=dir permissive=1
  42.  
  43.  
  44. type=AVC msg=audit(1632940094.937:1495): avc: denied { create } for pid=46901 comm="gunicorn" name="tmpgh9jihk8" scontext=system_u:system_r:pulpcore_server_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=file permissive=1
  45.  
  46.  
  47. type=AVC msg=audit(1632940094.937:1495): avc: denied { read write open } for pid=46901 comm="gunicorn" path="/var/lib/pulp/tmpgh9jihk8" dev="vda1" ino=84369620 scontext=system_u:system_r:pulpcore_server_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=file permissive=1
  48.  
  49.  
  50. type=SYSCALL msg=audit(1632940094.937:1495): arch=x86_64 syscall=open success=yes exit=EFAULT a0=7f632fbb02d0 a1=a00c2 a2=180 a3=3 items=0 ppid=46879 pid=46901 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=4294967295 comm=gunicorn exe=/usr/bin/python3.6 subj=system_u:system_r:pulpcore_server_t:s0 key=(null)
  51.  
  52. Hash: gunicorn,pulpcore_server_t,httpd_sys_rw_content_t,dir,write
  53.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!