1 |
I just installed a fresh copy of the gentoo and figured I'd give selinux a |
2 |
shot and think that I have hammered out most of my issues, but have a quick |
3 |
question. I have selinux running in targeted/enforcing mode but for some |
4 |
reason apache is staying in the wrong context: |
5 |
|
6 |
# ps fauxZ | grep apache2 |
7 |
unconfined_u:unconfined_r:unconfined_t root 7167 0.0 0.0 3836 572 |
8 |
pts/0 S+ 16:59 0:00 \_ grep --colour=auto apache2 |
9 |
user_u:system_r:initrc_t root 7153 0.0 0.0 152376 5912 |
10 |
? Ss 16:55 0:00 /usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D |
11 |
LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k start |
12 |
user_u:system_r:initrc_t apache 7155 0.0 0.0 152376 3784 |
13 |
? S 16:55 0:00 \_ /usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D |
14 |
LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k start |
15 |
user_u:system_r:initrc_t apache 7156 0.0 0.0 152376 3784 |
16 |
? S 16:55 0:00 \_ /usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D |
17 |
LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k start |
18 |
user_u:system_r:initrc_t apache 7157 0.0 0.0 152376 3784 |
19 |
? S 16:55 0:00 \_ /usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D |
20 |
LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k start |
21 |
user_u:system_r:initrc_t apache 7158 0.0 0.0 152376 3784 |
22 |
? S 16:55 0:00 \_ /usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D |
23 |
LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k start |
24 |
user_u:system_r:initrc_t apache 7159 0.0 0.0 152376 3784 |
25 |
? S 16:55 0:00 \_ /usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D |
26 |
LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k start |
27 |
|
28 |
|
29 |
The other services on the box start up in their proper context just fine, |
30 |
for example: |
31 |
# ps fauxZ | grep mysqld |
32 |
system_u:system_r:mysqld_t mysql 4100 0.0 0.0 214892 30996 |
33 |
? Ssl 16:51 0:00 /usr/sbin/mysqld |
34 |
--defaults-file=/etc/mysql/my.cnf --basedir=/usr --datadir=/var/lib/mysql |
35 |
--pid-file=/var/run/mysqld/mysqld.pid --socket=/var/run/mysqld/mysqld.sock |
36 |
|
37 |
|
38 |
I have the selinux-apache policy installed |
39 |
|
40 |
# semodule -l | grep apache |
41 |
apache 1.9.1 |
42 |
|
43 |
I'm sure its something stupid that I'm missing, but any suggestions? Thanks |
44 |
|
45 |
|
46 |
Jeff Rooney |
47 |
jtrooney@×××××××××.com |