-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 10/11/2012 11:47 AM, John Horne wrote:
On Thu, 2012-10-11 at 11:42 -0400, Daniel J Walsh wrote:
On 10/11/2012 06:34 AM, John Horne wrote:
On Wed, 2012-10-10 at 11:38 +0100, John Horne wrote:
the /etc/cron.daily/freshclam script runs in the early morning, I get sent an email error message:
===================================== /etc/cron.daily/freshclam:
Can't locate strict.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/local/bin/xymon_event line 15. BEGIN failed--compilation aborted at /usr/local/bin/xymon_event line 15. =====================================
Hello,
Turns out this is an SELinux issue - the audit.log file shows access to strict.pm being denied. As the problem occurs on 6.3, but not on our 5.8 systems, I have submitted it as a bug to RedHat (#865390) to see what they say. (We have both CentOS and RedHat 5.8/6.3 servers.)
John.
What is the path to strict.pm? Do you see any AVC messages?
Hello,
The path is '/usr/share/perl5/strict.pm'.
The audit.log shows:
============================================= type=AVC msg=audit(1349922579.929:111741): avc: denied { getattr } for pid=29296 comm="xymon_event" path="/usr/share/perl5/strict.pm" dev=sda1 ino=922261 scontext=system_u:system_r:freshclam_t:s0-s0:c0.c1023 tcontext=system_u:object_r:usr_t:s0 tclass=file =============================================
John.
Yes this should be allowed.