View Issue Details

IDProjectCategoryView StatusLast Update
0015680CentOS-7kernelpublic2019-01-09 09:37
Reporteragnaeux 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
Product Version7.6.1810 
Target VersionFixed in Version 
Summary0015680: SeLinux Kernel (3.10.0-957.1.3) error
DescriptionI found an issue with the new kernel which block map access to /dev/zero for the pagespeed module. Here are the log :

Audit.log :
type=AVC msg=audit(1547031688.122:94): avc: denied { map } for pid=5257 comm="httpd" path="/dev/zero" dev="devtmpfs" ino=1030 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:zero_device_t:s0 tclass=chr_file permissive=0

http error log :
[Wed Jan 09 10:24:37.481133 2019] [pagespeed:error] [pid 5429] [mod_pagespeed 1.13.35.2-0 @5429] Failed to mkdir /var/cache/mod_pagespeed/ purge /dBBL9jpbx73YIVsEhxe2.outputlock: No such file or directory

audit2allow :
# src="httpd_t" tgt="zero_device_t" class="chr_file", perms="map"
# comm="httpd" exe="" path="/dev/zero"
allow httpd_t zero_device_t:chr_file map;

I did not have this issue with the older kernel (3.10.0-862.14.4)
Steps To ReproducePurge the pagespeed cache
TagsNo tags attached.
abrt_hash
URL

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-01-09 09:37 agnaeux New Issue