Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 456194 - sec-policy/selinux-asterisk needs permission to search /var/log directory
Summary: sec-policy/selinux-asterisk needs permission to search /var/log directory
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: SELinux (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Sven Vermeulen (RETIRED)
Whiteboard: sec-policy r12
Depends on:
Reported: 2013-02-08 17:08 UTC by Stan Sander
Modified: 2013-03-29 10:55 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Stan Sander 2013-02-08 17:08:50 UTC
asterisk needs permissions to search through /var/log.  This is currently lacking in the policy. logging_search_logs(asterisk_t) should be added to the module.

asterisk: ERROR[23298]: cdr_csv.c:318 in csv_log: Unable to re-open master file /var/log/asterisk//cdr-csv//Master.csv : Permission denied

kernel: type=1400 audit(1360336362.858:209): avc:  denied  { search } for  pid=23298 comm="asterisk" name="log" dev="sda3" ino=6291955 scontext=system_u:system_r:asterisk_t tcontext=system_u:object_r:var_log_t tclass=dir
Comment 1 Sven Vermeulen (RETIRED) gentoo-dev 2013-02-08 18:48:38 UTC
Thanks, added to repository, will be in rev 12
Comment 2 Sven Vermeulen (RETIRED) gentoo-dev 2013-03-09 12:41:46 UTC
rev 12 in main tree, ~arch'ed
Comment 3 Sven Vermeulen (RETIRED) gentoo-dev 2013-03-29 10:55:20 UTC