FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

LinkBack Thread Tools
Old 07-24-2008, 07:23 PM
Toby Bluhm
Default selinux & httpd & portmap

Having problems starting httpd & portmapper

#service httpd start
/usr/sbin/httpd: error while loading shared libraries: libm.so.6: cannot
open shared object file: No such file or directory

and I traced it to selinux, which I had just turned on for the first time:

# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 21
Policy from config file: targeted

I can

#setsebool -P httpd_disable_trans on

and httpd starts - but there's zero enforcing now as I understand it.

Further digging & I get to:

# cat /var/log/audit/audit.log | audit2allow -m local

module local 1.0;

require {
type portmap_t;
type httpd_t;
type file_t;
class lnk_file read;
class file { getattr read execute };

#============= httpd_t ==============
allow httpd_t file_t:file { read getattr execute };
allow httpd_t file_t:lnk_file read;

#============= portmap_t ==============
allow portmap_t file_t:file { read getattr execute };
allow portmap_t file_t:lnk_file read;

Other stuff like postfix, postgrey, amavisd are working fine since
turning selinux on.

Before I make a mess of things with trying to make a new policy,
shouldn't two basic services like portmap & httpd already be allowed to
run out of the box by selinux?

If not, am I going down the right path to get it working?


Toby Bluhm
Alltech Medical Systems America, Inc.
30825 Aurora Road Suite 100
Solon Ohio 44139
440-424-2240 ext203

CentOS mailing list

Thread Tools

All times are GMT. The time now is 01:27 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org