[CentOS] SELinux is preventing /bin/ps from search access

Fri Sep 14 17:31:12 UTC 2012
James B. Byrne <byrnejb at harte-lyne.ca>

On Thu, September 13, 2012 16:06, m.roth at 5-cent.us wrote:
> CentOS 6.3. *Just* updated, including most current selinux-policy and
> selinux-policy-targeted. I'm getting tons of these, as in it's just
> spitting them out when I tail -f /var/log/messages:
> Sep 13 15:20:51 <server> setroubleshoot: SELinux is preventing /bin/ps
> from search access on the directory @2. For complete SELinux messages.
> run
> sealert -l d92ec78b-3897-4760-93c5-343a662fec67
> Sep 13 15:20:51 <server> setroubleshoot: SELinux is preventing /bin/ps
> from getattr access on the directory /proc/<pid>. For complete SELinux
> messages. run sealert -l a9c9bf7d-d646-4c29-9fe6-ac61b6806f52
> Sep 13 15:20:52 <server> setroubleshoot: SELinux is preventing /bin/ps
> from search access on the directory 4417. For complete SELinux
> messages.
> run sealert -l b321ab2d-0277-45c9-bc86-545f9ff6ff91
>
> You can see how many of them there are from the timestamps.
>
> Googling, I've seen other folks complain months ago, but no answers.
> Anyone have a clue? (And yes, I've posted this to the selinux list,
> also.
> I'm getting deluged in the logs, and would very, very much like to
> solve
> this today.)
>
> If selinux wasn't in permissive mode, something(s) would be dead.
>
>        mark
>

Are you running httpd with mod_rails (rails passenger) per chance?


-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3