ghelleks / newrelic-selinux Goto Github PK
View Code? Open in Web Editor NEWAn selinux policy for newrelic.
License: MIT License
An selinux policy for newrelic.
License: MIT License
I've just installed your module as per your instructions. I am using CenOS 6.0 x86_64.
[root@app2 ~]# semanage module -l | grep newrel
newrelic 1.0
And I am still getting a ptrace deny.
[root@app2 ~]# audit2allow -a
#============= httpd_t ==============
allow httpd_t self:capability sys_ptrace;
[root@app2 ~]# ausearch -i -sv no -ts recent
----
type=SYSCALL msg=audit(04/01/2016 18:27:11.609:2019129) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6ed9 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:27:11.609:2019129) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:27:16.611:2019130) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6ec4 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:27:16.611:2019130) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:27:21.612:2019131) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6efd a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:27:21.612:2019131) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:27:24.945:2019132) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6ec3 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:27:24.945:2019132) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:27:29.947:2019133) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6f00 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:27:29.947:2019133) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:27:34.950:2019134) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6ede a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:27:34.950:2019134) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:27:38.284:2019135) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6efc a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:27:38.284:2019135) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:27:43.285:2019136) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6edf a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:27:43.285:2019136) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:27:46.619:2019137) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6f00 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:27:46.619:2019137) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:27:49.954:2019138) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6efc a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:27:49.954:2019138) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:28:41.709:2019145) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6eff a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:28:41.709:2019145) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:30:15.503:2019147) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6f01 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:30:15.503:2019147) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:30:17.170:2019148) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6f00 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:30:17.170:2019148) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:30:28.871:2019149) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x6f00 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:30:28.871:2019149) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:32:52.278:2019150) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x71e5 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:32:52.278:2019150) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:33:20.707:2019151) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x71e2 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:33:20.707:2019151) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:33:30.686:2019152) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x71e6 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:33:30.686:2019152) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:33:34.068:2019153) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x7163 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:33:34.068:2019153) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:35:00.835:2019154) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x735c a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:35:00.835:2019154) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
----
type=SYSCALL msg=audit(04/01/2016 18:36:15.908:2019155) : arch=x86_64 syscall=ptrace success=no exit=-1(Operation not permitted) a0=PTRACE_ATTACH a1=0x73d5 a2=0x0 a3=0x0 items=0 ppid=1 pid=26330 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=2150 comm=php-fpm exe=/usr/sbin/php-fpm subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(04/01/2016 18:36:15.908:2019155) : avc: denied { sys_ptrace } for pid=26330 comm=php-fpm capability=sys_ptrace scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
The socket file for newrelic is at /var/run/newrelic/.newrelic.sock
[root@app2 ~]# ls -a /var/run/newrelic/
. .. .newrelic.sock nrsysmond.pid
Thanks for this selinux policy for new relic.
In order to run 'make -f /usr/share/selinux/devel/Makefile', as mentioned in the readme, I had to first run
yum install selinux-policy-devel
to get the file /usr/share/selinux/devel/Makefile in place. It would probably help others to see this information in the readme.
Hello,
I think this module would be used all around. You should push it upstream, IMHO.
Also, the newrelic crew should take a look at it.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.