[lug] debugging pty

D. Stimits stimits at comcast.net
Sun Jan 21 18:32:45 MST 2007


I'm still searching for a cause of some problems on a centos machine, 
and expanding my search. For the sshd this includes problems allocating 
ptys, and may also be interacting with svn via mod_dav. In the logs I 
see this SElinux message:

audit(1169423760.228:32): avc:  denied  { search } for  pid=29091 
comm="httpd" name="/" dev=devpts ino=1 scontext=root:system_r:httpd_t 
tcontext=user_u:object_r:devpts_t tclass=dir

I don't know what avc is, but the above message occurs each time I 
restart httpd (which involves an SSL cert with a password, perhaps it's 
just saying I need the password). I know all of /var/www/, recursively, 
has had "chcon -R -h -t httpd_sys_content_t", and in general, the web 
server seems to work correctly (aside from an svn authz problem). The 
thing that catches my attention is the dev=devpts, and that when ssh 
fails and stalls after a valid password, it mentions inability to 
allocate a pty. Is there any chance that this is related? What would I 
need to add to the selinux setup to remove this audit message?

D. Stimits, stimits AT comcast DOT net



More information about the LUG mailing list