-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 11/21/2012 08:05 AM, mark wrote:
On 11/21/12 05:17, Daniel J Walsh wrote:
On 11/20/2012 03:56 PM, m.roth@5-cent.us wrote:
I upgraded a development server last week, and it started spewing selinux errors to the log. I googled. What finally *seems* to have stopped it was a) setsebool -P httpd_setrlimit 1 b) yum downgrade selinux-policy*
This is on a 6.3 box. Has anyone else seen this behaviour?
I would doubt you needed to downgrade the policy. I would figure you got a new version of apache or some application that was requiring httpd to setrlimit.
You mean *all* that garbage was because setrlimit needed to be set? If so, I would have expected the installation or upgrade of the package to do that in the postinstall.
Thanks.
mark
I have no idea what happened to cause the problem. But I do know that selinux-policy releases always loosen policy on minor releases. Since there is no tightening of selinux-policy I don't see where upgrading or downgrading policy would suddenly cause apache to want to setrlimit. Other packages within the same update like potentially the kernel, httpd or perhaps the apps you are running in httpd could have caused it.