On 01/11/2012 02:50 PM, 夜神 岩男 wrote:
On 01/12/2012 03:48 AM, Daniel J Walsh wrote:
In Fedora we currently dontaudit this leak.
audit2allow -i /tmp/t
#============= httpd_sys_script_t ==============
#!!!! This avc has a dontaudit rule in the current policy
allow httpd_sys_script_t httpd_t:udp_socket { read write };
Pow. Reasonable answer, and it isn't so hard to run that command -- it's just difficult to understand why it's necessary if you don't know anything about the environment, and mystifying if you know the command but nothing about what's going on.
The following explains leaked file descriptors.
http://danwalsh.livejournal.com/6117.html?thread=23525
In RHEL6 and Fedora you can run AVC messages through audit2allow and it will tell you whether or not there is policy affecting the AVC.
setroubleshoot can also be helpful in these circumstances.
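
Added example, not part of the original thread and not code from audit2allow: a short Python sketch that parses a raw AVC denial into the allow rule quoted above and flags the leaked-socket pattern. The sample record and the heuristic in looks_like_leaked_socket are assumptions made for illustration; the script does not consult the loaded policy, so it cannot report a dontaudit rule the way audit2allow does.

```python
import re

# Constructed sample record (not from the thread), shaped like the denial above.
SAMPLE_AVC = (
    'type=AVC msg=audit(1326312345.123:456): avc:  denied  { read write } for  '
    'pid=1234 comm="test.cgi" path="socket:[12345]" dev=sockfs ino=12345 '
    'scontext=system_u:system_r:httpd_sys_script_t:s0 '
    'tcontext=system_u:system_r:httpd_t:s0 tclass=udp_socket'
)

AVC_RE = re.compile(
    r'avc:\s+denied\s+\{\s*(?P<perms>[^}]+?)\s*\}.*?'
    r'scontext=(?P<scontext>\S+)\s+tcontext=(?P<tcontext>\S+)\s+tclass=(?P<tclass>\S+)'
)

def parse_avc(line):
    """Return source type, target type, class and permissions, or None."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    # A context is user:role:type[:level]; the type is the third field.
    return {
        'source': m.group('scontext').split(':')[2],
        'target': m.group('tcontext').split(':')[2],
        'tclass': m.group('tclass'),
        'perms': sorted(m.group('perms').split()),
    }

def allow_rule(avc):
    """Format the denial the way audit2allow prints an allow rule."""
    perms = avc['perms']
    perm_text = perms[0] if len(perms) == 1 else '{ %s }' % ' '.join(perms)
    return 'allow %s %s:%s %s;' % (avc['source'], avc['target'], avc['tclass'], perm_text)

def looks_like_leaked_socket(avc):
    """Heuristic (assumption): only read/write denied on a socket labelled
    with another domain's type, i.e. a socket this process did not create."""
    return (avc['tclass'].endswith('_socket')
            and set(avc['perms']) <= {'read', 'write'}
            and avc['source'] != avc['target'])

if __name__ == '__main__':
    avc = parse_avc(SAMPLE_AVC)
    print(allow_rule(avc))
    print('leaked descriptor candidate:', looks_like_leaked_socket(avc))
```

A match is a reason to look at the parent process that left the descriptor open, not a reason to load the generated allow rule.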