FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

LinkBack Thread Tools
Old 04-14-2010, 10:53 AM
"Moray Henderson (ICT)"
Default cron/anacron discrepancy in Centos 5?

After I do a fresh install of a (slightly customised) CentOS 5, a
logwatch run is kicked off by anacron. It tries to run a directory size
scan, which generates a whole list of errors:

du: cannot read directory `/var/log/audit': Permission denied
du: cannot read directory `/var/log/pm': Permission denied
du: cannot access `/usr/lib/sa/sa2': Permission denied
du: cannot read directory `/usr/lib/httpd': Permission denied

with corresponding AVCs:

type=AVC msg=audit(1271158392.750:101): avc: denied { read } for
pid=3429 comm="du" name="audit" dev=dm-4 ino=418914
tcontext=system_ubject_r:auditd_log_t:s0 tclass=dir
type=AVC msg=audit(1271158392.845:102): avc: denied { read } for
pid=3429 comm="du" name="pm" dev=dm-4 ino=418940
tcontext=system_ubject_r:hald_log_t:s0 tclass=dir
type=AVC msg=audit(1271158414.619:266): avc: denied { getattr } for
pid=3432 comm="du" path="/usr/lib/sa/sa2" dev=dm-1 ino=457413
tcontext=system_ubject_r:sysstat_exec_t:s0 tclass=file
type=AVC msg=audit(1271158414.648:267): avc: denied { read } for
pid=3432 comm="du" name="httpd" dev=dm-1 ino=422750
tcontext=system_ubject_r:httpd_modules_t:s0 tclass=dir

However, once the system has settled down and logwatch is being run by
cron, the errors no longer appear. Both cron and anacron have the same

-rwxr-xr-x root root system_ubject_r:crond_exec_t /usr/sbin/anacron
-rwxr-xr-x root root system_ubject_r:crond_exec_t /usr/sbin/crond

-rwxr-xr-x root root system_ubject_r:logwatch_exec_t

So why does it fail from one and work from the other?

"To err is human.* To purr, feline"

selinux mailing list

Thread Tools

All times are GMT. The time now is 02:34 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org