[CentOS] SELinux is preventing /bin/ps from search access
Daniel J Walsh
dwalsh at redhat.com
Sat Sep 15 10:04:17 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
On 09/14/2012 02:24 PM, m.roth at 5-cent.us wrote:
> James B. Byrne wrote:
>> On Thu, September 13, 2012 16:06, m.roth at 5-cent.us wrote:
>>> CentOS 6.3. *Just* updated, including most current selinux-policy and
>>> selinux-policy-targeted. I'm getting tons of these, as in it's just
>>> spitting them out when I tail -f /var/log/messages: Sep 13 15:20:51
>>> <server> setroubleshoot: SELinux is preventing /bin/ps from search
>>> access on the directory @2. For complete SELinux messages. run sealert
>>> -l d92ec78b-3897-4760-93c5-343a662fec67
>> Are you running httpd with mod_rails (rails passenger) per chance?
> Dan Walsh asked me *exactly* the same question. Yep, they've got ruby apps.
> As soon as he said that, I googled, and found I needed to set two booleans,
> and create a policy - that's a *ton* of allows - for passenger. Installed
> it. It finally shut up....
> mark, underwhelmed w/ the need for ruby....
> _______________________________________________ CentOS mailing list
> CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos
Only one rule required.
You can either add
We are putting fixes in for this in Fedora and soon into RHEL, for the
upcoming openshift policy which also uses passenger.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the CentOS