Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 456194

Summary: sec-policy/selinux-asterisk needs permission to search /var/log directory
Product: Gentoo Linux Reporter: Stan Sander <stsander>
Component: SELinuxAssignee: Sven Vermeulen (RETIRED) <swift>
Severity: normal CC: selinux
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: sec-policy r12
Package list:
Runtime testing required: ---

Description Stan Sander 2013-02-08 17:08:50 UTC
asterisk needs permissions to search through /var/log.  This is currently lacking in the policy. logging_search_logs(asterisk_t) should be added to the module.

asterisk: ERROR[23298]: cdr_csv.c:318 in csv_log: Unable to re-open master file /var/log/asterisk//cdr-csv//Master.csv : Permission denied

kernel: type=1400 audit(1360336362.858:209): avc:  denied  { search } for  pid=23298 comm="asterisk" name="log" dev="sda3" ino=6291955 scontext=system_u:system_r:asterisk_t tcontext=system_u:object_r:var_log_t tclass=dir
Comment 1 Sven Vermeulen (RETIRED) gentoo-dev 2013-02-08 18:48:38 UTC
Thanks, added to repository, will be in rev 12
Comment 2 Sven Vermeulen (RETIRED) gentoo-dev 2013-03-09 12:41:46 UTC
rev 12 in main tree, ~arch'ed
Comment 3 Sven Vermeulen (RETIRED) gentoo-dev 2013-03-29 10:55:20 UTC