[Serusers] ser_fifo and access denied issue (Maybee Context Problem) can you help?

Douglas Mahy Douglas.Mahy at telewest.co.uk
Mon Dec 12 11:37:44 CET 2005 

I have had considerable success in getting ser working under selinux
particularly as I am new to linux having just recently moved over from
working in a windows environment. However I have had a lot of problems
trying to resolve a permissions problem that is resulting in serweb kicking
out the error.

 

 

FIFO not running or bad path to it

 

 

I have tried all the usual stuff such as including the lines I have  also
turned off selinux.

 

fifo="/tmp/ser_fifo"

 

 

fifo_mode=0777

 

or

 

sock_mode=0666

 

 

I now believe that this may be something to do with context, is there
anybody that has experienced this problem. Below is the error I am getting
using dmseg, it increments each time I refresh the admin page.

 

audit(1134382735.156:78): avc:  denied  { getattr } for  pid=2682
comm="httpd" name="ser_fifo" dev=sda2 ino=1887848
scontext=root:system_r:httpd_t tcontext=root:object_r:tmp_t tclass=fifo_file

 

 

Below are the permissions on the ser_fifo and its context.

 

/dev/

 

brw-rw----           root     disk     system_u:object_r:fixed_disk_device_t
sda1

brw-rw-rw-          root     disk     system_u:object_r:fixed_disk_device_t
sda2

brw-rw----           root     disk     system_u:object_r:fixed_disk_device_t
sda3

 

 

/tmp/

 

-rw-------              root     root     root:object_r:tmp_t
php-install.GQ3113

prwxrwxrwx        root     root     root:object_r:tmp_t
ser_fifo

prw-rw-rw-           root     root     root:object_r:tmp_t
ser_receiver_3011

 

Any help would be very much appreciated.

            

 

 

 

Doug Mahy

Telewest Broadband

Head of Research & Development

Network Engineering and Strategy

M +44(0) 7985 807 534

Email:  <mailto:douglas.mahy at telewest.co.uk> douglas.mahy at telewest.co.uk

 


------------------------------------------------------------------------------
Altogether Better
www.telewest.co.uk


The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material.
Statements and opinions expressed in this e-mail may not represent those of the company. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and delete the material from any computer.

==============================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20051212/33b3094a/attachment.htm>

More information about the sr-users mailing list