dturecek / copr / copr

Forked from copr/copr 6 years ago
Clone

4f68974 allow signd to write to socket

1 file Authored by msuchy 5 years ago, Committed by msuchy 5 years ago,
    allow signd to write to socket
    
    addressing:
    type=AVC msg=audit(1547164874.012:458): avc:  denied  { getattr } for  pid=30329 comm="gpg2" path="/var/lib/copr-keygen/gnupg/S.gpg-agent" dev="vda1" ino=401000 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:httpd_var_lib_t:s0 tclass=sock_file permissive=1
    type=AVC msg=audit(1547164874.013:459): avc:  denied  { write } for  pid=30329 comm="gpg2" name="S.gpg-agent" dev="vda1" ino=401000 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:httpd_var_lib_t:s0 tclass=sock_file permissive=1
    type=AVC msg=audit(1547164874.014:460): avc:  denied  { unlink } for  pid=30331 comm="gpg-agent" name="S.gpg-agent" dev="vda1" ino=401000 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:httpd_var_lib_t:s0 tclass=sock_file permissive=1
    type=AVC msg=audit(1547164874.015:461): avc:  denied  { create } for  pid=30331 comm="gpg-agent" name="S.gpg-agent" scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:httpd_var_lib_t:s0 tclass=sock_file permissive=1
    type=AVC msg=audit(1547164874.015:462): avc:  denied  { setattr } for  pid=30331 comm="gpg-agent" name="S.gpg-agent" dev="vda1" ino=401000 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:httpd_var_lib_t:s0 tclass=sock_file permissive=1
    
        
file modified
+3 -0