[lug] debugging pty
D. Stimits
stimits at comcast.net
Sun Jan 21 18:32:45 MST 2007
I'm still searching for a cause of some problems on a centos machine,
and expanding my search. For the sshd this includes problems allocating
ptys, and may also be interacting with svn via mod_dav. In the logs I
see this SElinux message:
audit(1169423760.228:32): avc: denied { search } for pid=29091
comm="httpd" name="/" dev=devpts ino=1 scontext=root:system_r:httpd_t
tcontext=user_u:object_r:devpts_t tclass=dir
I don't know what avc is, but the above message occurs each time I
restart httpd (which involves an SSL cert with a password, perhaps it's
just saying I need the password). I know all of /var/www/, recursively,
has had "chcon -R -h -t httpd_sys_content_t", and in general, the web
server seems to work correctly (aside from an svn authz problem). The
thing that catches my attention is the dev=devpts, and that when ssh
fails and stalls after a valid password, it mentions inability to
allocate a pty. Is there any chance that this is related? What would I
need to add to the selinux setup to remove this audit message?
D. Stimits, stimits AT comcast DOT net
More information about the LUG
mailing list