[CentOS] appdynamics php agent prevented by SELinux
Tim Dunphy
bluethundr at gmail.comMon May 11 01:02:11 UTC 2015
- Previous message: [CentOS] mariadb fails to start under C7
- Next message: [CentOS] appdynamics php agent prevented by SELinux
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hey guys, I've got another C7 problem I was hoping to solve. I installed appdynamics-php-agent-4.0.5.0-1.x86_64 on a C7.1 host. It's failing to communicate with it's controller on another host. And this is the interesting part. Whether or not I have SELinux enabled, I have apache reporting SELinux problems. [root at web1:~] #getenforce Permissive May 10 20:47:56 web1 python[25735]: SELinux is preventing /usr/lib/appdynamics-php5/proxy/jre/bin/java from write access on the file /usr/lib/appdynamics-php5/logs/agent.log.lck. ***** Plugin catchall (100. confidence) suggests **************************... May 10 20:47:56 web1 python[25735]: SELinux is preventing /usr/lib/appdynamics-php5/proxy/jre/bin/java from write access on the file /usr/lib/appdynamics-php5/logs/agent.log.lck. ***** Plugin catchall (100. confidence) suggests **************************... May 10 20:47:57 web1 python[25735]: SELinux is preventing /usr/lib/appdynamics-php5/proxy/jre/bin/java from write access on the file /usr/lib/appdynamics-php5/logs/agent.log.lck. ***** Plugin catchall (100. confidence) suggests **************************... May 10 20:47:58 web1 python[25735]: SELinux is preventing /usr/lib/appdynamics-php5/proxy/jre/bin/java from write access on the file /usr/lib/appdynamics-php5/logs/agent.log.lck. ***** Plugin catchall (100. confidence) suggests **************************... May 10 20:48:00 web1 python[25735]: SELinux is preventing /usr/lib/appdynamics-php5/proxy/jre/bin/java from write access on the file /usr/lib/appdynamics-php5/logs/agent.log.lck. ***** Plugin catchall (100. confidence) suggests **************************... May 10 20:48:01 web1 python[25735]: SELinux is preventing /usr/lib/appdynamics-php5/proxy/jre/bin/java from write access on the file /usr/lib/appdynamics-php5/logs/agent.log.lck. ***** Plugin catchall (100. confidence) suggests **************************... May 10 20:49:16 web1 python[25952]: SELinux is preventing /usr/lib/appdynamics-php5/proxy/jre/bin/java from write access on the file /usr/lib/appdynamics-php5/logs/agent.log.lck. ***** Plugin catchall (100. confidence) suggests **************************... May 10 20:49:17 web1 python[25952]: SELinux is preventing /usr/lib/appdynamics-php5/proxy/jre/bin/java from write access on the file /usr/lib/appdynamics-php5/logs/agent.log.lck. ***** Plugin catchall (100. confidence) suggests **************************... May 10 20:53:14 web1 python[26609]: SELinux is preventing /usr/lib/appdynamics-php5/proxy/jre/bin/java from write access on the file /usr/lib/appdynamics-php5/logs/agent.log.lck. ***** Plugin catchall (100. confidence) suggests **************************... May 10 20:53:15 web1 python[26609]: SELinux is preventing /usr/lib/appdynamics-php5/proxy/jre/bin/java from write access on the file /usr/lib/appdynamics-php5/logs/agent.log.lck. ***** Plugin catchall (100. confidence) suggests **************************... So I enabled SELinux and started troubleshooting with audit2why. [root at web1:~] #setenforce 1 [root at web1:~] #getenforce Enforcing And I'm seeing messages like these: [root at web1:~] #grep appd /var/log/audit/audit.log | audit2why -w type=AVC msg=audit(1431305820.292:393420): avc: denied { write } for pid=27289 comm="java" path="/usr/lib/appdynamics-php5/logs/testfile1615417693000946121.tmp" dev="vda" ino=965852 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:lib_t:s0 tclass=file Was caused by: Missing type enforcement (TE) allow rule. You can use audit2allow to generate a loadable module to allow this access. The part I am stuck on is using audit2allow to generate a loadable module that can allow this. Can anyone spare any pointers on how to do that? Thanks! Tim -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
- Previous message: [CentOS] mariadb fails to start under C7
- Next message: [CentOS] appdynamics php agent prevented by SELinux
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list