[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

denied despite allow rule

I'm confused about a situation where I'm getting denied avc messages even though there is an allow rule in place. What am I missing?
This is on RHEL 5.8 using the targeted policy. Here's an example. I have this avc message from this morning:
type=AVC msg=audit(1333372681.227:20002): avc: denied { append } for pid=3480 comm="vsftpd" path="/LTS/eng-ng/snip/2012/03/20/ STORY_Letters_for_Sun._3-4_1_66_610389Z/ IMG_Cartoon_for_3-4.jpg_1_1_8F1363GR/ IMG_Cartoon_for_3-4.jpg_1_1_8F1363GR.xml" dev=dm-8 ino=227640612 scontext=system_u:system_r:ftpd_t:s0 tcontext=system_u:object_r:public_content_t:s0 tclass=file 

but when I do sesearch it shows a matching allow rule:

# sesearch -s ftpd_t -t public_content_t -c file -p append -a
Found 1 av rules:
allow ftpd_t public_content_t : file { ioctl read write create getattr setattr lock append unlink link rename }; 

Found 5 role allow rules:
   allow system_r sysadm_r ;
   allow user_r sysadm_r ;
   allow user_r system_r ;
   allow sysadm_r user_r ;
   allow sysadm_r system_r ;

Thanks for any help you can give,
Maria

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux

[Fedora Users]     [Fedora Legacy]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite Photos]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

Powered by Linux
Google
  Web www.spinics.net