I seem to have quieted some, but I'm still getting noise from selinux. Here's one that really puzzles me: my users have a ruby app with passenger running. However, one of the sealerts gives me: sealert -l 5a02b0a1-8512-4f71-b1c8-70a40b090a9d SELinux is preventing /bin/chmod from using the fowner capability.
***** Plugin catchall_boolean (89.3 confidence) suggests *******************
If you want to allow Apache to run in stickshift mode, not transition to passenger Then you must tell SELinux about this by enabling the 'httpd_run_stickshift' boolean.You can read 'httpd_selinux' man page for more details. Do setsebool -P httpd_run_stickshift 1 <...>
Is there a boolean I'm missing, or are they doing something wrong? Clues for the poor appreciated.
mark