On Thu, April 9, 2015 1:05 pm, J.C. Cleaver wrote:
On Thu, April 9, 2015 6:01 am, Dirk Kastens wrote:
/var/cache/xymon(/.*)? system_u:object_r:httpd_cache_t:s0
I found a solution. I changed the file context of the cache directories to httpd_sys_rw_content_t and now the reports are working:
semanage fcontext -a -t httpd_sys_rw_content_t "/var/cache/xymon/rep(/.*)?" semanage fcontext -a -t httpd_sys_rw_content_t "/var/cache/xymon/snap(/.*)?" restorecon -R -v /var/cache/xymon
Is this an error in the Therabitia RPMs?
Dirk
Dirk,
I believe so. Possibly caused by a domain transition with the new cgiwrap binary that we didn't have before. I can duplicate the issue here.
The previous fcontext was set as below, as you identified. AFAICT, it's still the "proper" one for this type of content.
/usr/sbin/semanage fcontext -a -t httpd_cache_t '%{wwwCacheDirectory}(/.*)?' || :
Dirk,
I've confirmed this is a bug in the SELinux policy in the Terabithia RPMs. I've posted an updated set in the /testing/ repository for the various distros - 4.3.19-9 should resolve it.
You'll want to change things back to the httpd_cache_t type, however, with:
semanage fcontext -a -t httpd_cache_t '/var/cache/xymon(/.*)?'
Regards,
-jc