Chapter 2. SELinux Policy Overview
21
hostname
The hostname of the system.
kernel: audit(1105758604.519:420):
This is the kernel audit log message pointer. The timestamp consists of a long number, which is
the unformatted current time, and a short number, which is the milliseconds, that is,
0
current_time .
0
milliseconds_past_current_time
. The third number is the
1
1
serial number, which helps in stitching together the full audit trail from multiple messages.
Multiple messages for the same event occur when full audit logging is enabled using an audit
daemon, which logs various kernel events.
avc: denied
The operation was denied. A few operations have
auditallow
set so they generate
granted
messages instead.
{ getattr }
What was denied or granted. The brackets
{}
contain the actual permission that was attempted.
for pid=5962
The process ID of the application that is the source of the operation.
exe=/usr/sbin/httpd
The application being denied.
path=/home/auser/public_html
The path to the target file or directory the operation was attempted on.
dev=hdb2
The device node that holds the file system. The object of the denied operation lives in this file
system.
ino=921135
The inode number of the target file or directory.
scontext=root:system_r:httpd_t
The security context of the source, that is, the process being denied access.
tcontext=user_u:object_r:user_home_t
The security context of the target, that is, the file or directory that is denied.
tclass=dir
The object class of the target, indicating that it was the directory
/home/auser/public_html/
that was being blocked.
2.9. Policy Macros
Macros are used throughout programming, as they provide reusable pieces of code that you can call
one time and have explode into many meaningful lines. SELinux uses the
m4
macro language for
writing reusable policy rules. This makes policy writing and management easier. In using macros,
footer
Our partners:
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Inexpensive Web Hosting
Jsp Web Hosting
Cheapest Web Hosting
Jsp Hosting
Cheap Hosting
Visionwebhosting.net Business web hosting division of Web
Design Plus. All rights reserved