GestioIP v3.5 patch 7 on CentOS Stream9 had problem ping (by clicking coloured circle at an IP address at Host list view). tcpdump does not show ping packs transmit . Disabling selinux works the ping.
audit2allow did not help and still showing ping deny audit logs.
Hello Marc,
GestioIP v3.5 patch 7 on CentOS Stream9 had problem ping (by clicking coloured circle at an IP address at Host list view). tcpdump does not show ping packs transmit . Disabling selinux works the ping.
audit2allow did not help and still showing ping deny audit logs.
ausearch -m AVC --start 11:26:00 --end 11:59:00 | audit2allow -a -M ping_rule
semodule -i ping_rule.pp
then
chcon -R -t httpd_sys_script_exec_t /var/www/html/gestioip
grep ping /var/log/audit/audit.log | tail
type=AVC msg=audit(1700479699.555:1600): avc: denied { write } for pid=19979 comm="ping" scontext=system_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:system_r:httpd sys_script_t:s0 tclass=icmp_socket permissive=0
type=SYSCALL msg=audit(1700479699.555:1600): arch=c000003e syscall=44 success=no exit=-13 a0=3 a1=56330839f320 a2=40 a3=0 items=0 ppid=19978 pid=19979 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="ping" exe="/usr/bin/ping" subj=system_u:system_r:httpd_sys_script_t:s0 key=(null)AR CH=x86_64 SYSCALL=sendto AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=AVC msg=audit(1700479699.555:1601): avc: denied { read } for pid=19979 comm="ping" scontext=system_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:system_r:httpd sys_script_t:s0 tclass=icmp_socket permissive=0
type=SYSCALL msg=audit(1700479699.555:1601): arch=c000003e syscall=47 success=no exit=-13 a0=3 a1=7ffef6f2eb40 a2=2040 a3=0 items=0 ppid=19978 pid=19979 auid=4294967295 uid= 48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="ping" exe="/usr/bin/ping" subj=system_u:system_r:httpd_sys_script_t:s0 key=(null) ARCH=x86_64 SYSCALL=recvmsg AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
Following did not help either.
http://www.gestioip.net/docu/README.fedora.redhat.CentOS
Can you please advise how to sort this out?
Thanks,
Kazu