I upgraded a development server last week, and it started spewing selinux
errors to the log. I googled. What finally *seems* to have stopped it was
a) setsebool -P httpd_setrlimit 1
b) yum downgrade selinux-policy\*
This is on a 6.3 box. Has anyone else seen this behaviour?
mark
On 20/11/12 20:56, m.roth at 5-cent.us wrote:> I upgraded a development server last week, and it started spewing selinux > errors to the log. I googled. What finally *seems* to have stopped it was > a) setsebool -P httpd_setrlimit 1 > b) yum downgrade selinux-policy\* > > This is on a 6.3 box. Has anyone else seen this behaviour? > > mark >No.
what's the error? How do you produce it? ------------ Banyan He Blog: http://www.rootong.com Email: banyan at rootong.com On 2012-11-21 4:56 AM, m.roth at 5-cent.us wrote:> I upgraded a development server last week, and it started spewing selinux > errors to the log. I googled. What finally *seems* to have stopped it was > a) setsebool -P httpd_setrlimit 1 > b) yum downgrade selinux-policy\* > > This is on a 6.3 box. Has anyone else seen this behaviour? > > mark > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/20/2012 03:56 PM, m.roth at 5-cent.us wrote:> I upgraded a development server last week, and it started spewing selinux > errors to the log. I googled. What finally *seems* to have stopped it was > a) setsebool -P httpd_setrlimit 1 b) yum downgrade selinux-policy\* > > This is on a 6.3 box. Has anyone else seen this behaviour? > > mark > > _______________________________________________ CentOS mailing list > CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos >I would doubt you needed to downgrade the policy. I would figure you got a new version of apache or some application that was requiring httpd to setrlimit. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlCsqiMACgkQrlYvE4MpobNEEgCgozkSWyv8NV0MmsLjc9+KQN32 3MoAn14eIuejHZScm5WeoCHszA3J8L97 =qvc4 -----END PGP SIGNATURE-----
On 11/21/12 05:17, Daniel J Walsh wrote:> On 11/20/2012 03:56 PM, m.roth at 5-cent.us wrote: >> I upgraded a development server last week, and it started spewing selinux >> errors to the log. I googled. What finally *seems* to have stopped it was >> a) setsebool -P httpd_setrlimit 1 b) yum downgrade selinux-policy\* >> >> This is on a 6.3 box. Has anyone else seen this behaviour? >> > I would doubt you needed to downgrade the policy. I would figure you got a > new version of apache or some application that was requiring httpd to setrlimit.You mean *all* that garbage was because setrlimit needed to be set? If so, I would have expected the installation or upgrade of the package to do that in the postinstall. Thanks. mark