From: qthuan@gmail.com (=?UTF-8?B?VGh14bqtbiDEkGluaA==?=)
Date: Wed, 12 Oct 2011 21:08:32 +0900
Subject: [refpolicy] Error when using refpolicy with apache httpd service
Message-ID: <CAP+-i3Dy-Kv3Tu2+MZo+JzUgWHavtWLbtmnDgEa6L+sKX093aA@mail.gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hi,

I'm new to SELinux general and try to research refpolicy. When I apply
refpolicy on Fedora 15 with Apache httpd service, and config the
build.config to type mcs. When I install and load to system, I touch
.autorelabel and reboot the system.
After that, I started the httpd service and
checked the command: ps-axZ | grep httpd and saw that this service is run by
type kernel_t:s0
I think it must something wrong. It must be run by httpd_t but it not. I
checked the audit log file and saw that have a log file

denied { ioctl } for pid=28591 comm=httpd path="/run/httpd/httpd.pid"
ino=927572 dev=tmpfs scontext=system_u:system_r:kernel_t:s0
tcontext=system_u:object_r:httpd_var_run_t:s0:c0.c15 tclass=file

Do you have any ideal? Please help me to fix this.

Regard,
Quang Thuan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20111012/bcc08cfc/attachment.html