How do I go about troubleshooting the following error below:
type=AVC msg=audit(1365523330.609:4846): avc: denied { append } for pid=12542 comm="FTPMan.pl" name="user_list" dev=dm-0 ino=2884237 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
Was caused by:
Unknown - would be allowed by active policy
Possible mismatch between this policy and the one under which the audit message was generated.
Possible mismatch between current in-memory boolean settings vs. permanent ones.
There wasn't much documentation on this particular error.
Best Answer
Check the apache logs for the actual file causing the problem (for me it was mod_jk.so). hopefully you'll find a line in the error log like
then compare the selinux permissions of that file with the permissions of the http executable. for me they were
You can see the mod_jk.so has different permissions to the httpd binary. To fix it, simply make them the same
Now they match, and for me apache started up again (without compromising my server security)