Closed JoePJisc closed 1 year ago
httpd_use_gpg 1 audit.log:
type=AVC msg=audit(1652632401.302:992): avc: denied { search } for pid=6997 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.302:992): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=560b11d48780 a2=80000 a3=0 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.302:992): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.302:992): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.302:992): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.302:993): avc: denied { search } for pid=6997 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.302:993): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=560b11d48780 a2=80000 a3=0 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.302:993): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.302:993): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.302:993): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.302:994): avc: denied { search } for pid=6997 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.302:994): arch=c000003e syscall=42 success=no exit=-13 a0=6 a1=7ffeda521690 a2=6e a3=0 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=connect AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=SOCKADDR msg=audit(1652632401.302:994): saddr=01002F7661722F6C69622F7373732F70697065732F6E73730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SADDR={ saddr_fam=local path=/var/lib/sss/pipes/nss }
type=CWD msg=audit(1652632401.302:994): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.302:994): item=0 name="/var/lib/sss/pipes/nss" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.302:994): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.303:995): avc: denied { read } for pid=6997 comm="gpg" name="passwd" dev="dm-0" ino=135461644 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1652632401.303:995): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=7f111af8aeae a2=80000 a3=0 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.303:995): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.303:995): item=0 name="/etc/passwd" inode=135461644 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:passwd_file_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 OUID="root" OGID="root"
type=PROCTITLE msg=audit(1652632401.303:995): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.304:996): avc: denied { search } for pid=6997 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.304:996): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=560b11d4d5f0 a2=80000 a3=0 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.304:996): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.304:996): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.304:996): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.304:997): avc: denied { search } for pid=6997 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.304:997): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=560b11d4d5f0 a2=80000 a3=0 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.304:997): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.304:997): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.304:997): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.304:998): avc: denied { search } for pid=6997 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.304:998): arch=c000003e syscall=42 success=no exit=-13 a0=6 a1=7ffeda521670 a2=6e a3=0 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=connect AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=SOCKADDR msg=audit(1652632401.304:998): saddr=01002F7661722F6C69622F7373732F70697065732F6E73730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SADDR={ saddr_fam=local path=/var/lib/sss/pipes/nss }
type=CWD msg=audit(1652632401.304:998): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.304:998): item=0 name="/var/lib/sss/pipes/nss" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.304:998): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.304:999): avc: denied { read } for pid=6997 comm="gpg" name="passwd" dev="dm-0" ino=135461644 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1652632401.304:999): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=7f111af8aeae a2=80000 a3=0 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.304:999): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.304:999): item=0 name="/etc/passwd" inode=135461644 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:passwd_file_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 OUID="root" OGID="root"
type=PROCTITLE msg=audit(1652632401.304:999): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.304:1000): avc: denied { search } for pid=6997 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.304:1000): arch=c000003e syscall=21 success=no exit=-13 a0=560b11d4d5c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.304:1000): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.304:1000): item=0 name="/var/www/MISP/.gnupg/gpg.conf-2.2.20" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.304:1000): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.304:1001): avc: denied { search } for pid=6997 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.304:1001): arch=c000003e syscall=21 success=no exit=-13 a0=560b11d4d5c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.304:1001): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.304:1001): item=0 name="/var/www/MISP/.gnupg/gpg.conf-2.2" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.304:1001): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.304:1002): avc: denied { search } for pid=6997 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.304:1002): arch=c000003e syscall=21 success=no exit=-13 a0=560b11d4d5c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.304:1002): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.304:1002): item=0 name="/var/www/MISP/.gnupg/gpg.conf-2" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.304:1002): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.304:1003): avc: denied { search } for pid=6997 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.304:1003): arch=c000003e syscall=21 success=no exit=-13 a0=560b11d4d5c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.304:1003): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.304:1003): item=0 name="/var/www/MISP/.gnupg/gpg.conf" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.304:1003): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.304:1004): avc: denied { search } for pid=6997 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.304:1004): arch=c000003e syscall=21 success=no exit=-13 a0=560b11d4d610 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.304:1004): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.304:1004): item=0 name="/var/www/MISP/.gnupg/options" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.304:1004): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.304:1005): avc: denied { search } for pid=6997 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.304:1005): arch=c000003e syscall=4 success=no exit=-13 a0=560b11d4d640 a1=7ffeda521db0 a2=7ffeda521db0 a3=57 items=1 ppid=1284 pid=6997 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=stat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.304:1005): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.304:1005): item=0 name="/var/www/MISP/.gnupg" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.304:1005): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D616C776179732D7472757374002D2D69676E6F7265
type=AVC msg=audit(1652632401.311:1006): avc: denied { search } for pid=7000 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.311:1006): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=55ff3bce2780 a2=80000 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.311:1006): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.311:1006): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.311:1006): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.311:1007): avc: denied { search } for pid=7000 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.311:1007): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=55ff3bce2780 a2=80000 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.311:1007): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.311:1007): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.311:1007): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.311:1008): avc: denied { search } for pid=7000 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.311:1008): arch=c000003e syscall=42 success=no exit=-13 a0=6 a1=7ffde43b8710 a2=6e a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=connect AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=SOCKADDR msg=audit(1652632401.311:1008): saddr=01002F7661722F6C69622F7373732F70697065732F6E73730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SADDR={ saddr_fam=local path=/var/lib/sss/pipes/nss }
type=CWD msg=audit(1652632401.311:1008): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.311:1008): item=0 name="/var/lib/sss/pipes/nss" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.311:1008): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.311:1009): avc: denied { read } for pid=7000 comm="gpg" name="passwd" dev="dm-0" ino=135461644 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1652632401.311:1009): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=7ff463e75eae a2=80000 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.311:1009): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.311:1009): item=0 name="/etc/passwd" inode=135461644 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:passwd_file_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 OUID="root" OGID="root"
type=PROCTITLE msg=audit(1652632401.311:1009): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.312:1010): avc: denied { search } for pid=7000 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.312:1010): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=55ff3bce75f0 a2=80000 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.312:1010): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.312:1010): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.312:1010): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.312:1011): avc: denied { search } for pid=7000 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.312:1011): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=55ff3bce75f0 a2=80000 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.312:1011): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.312:1011): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.312:1011): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.312:1012): avc: denied { search } for pid=7000 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.312:1012): arch=c000003e syscall=42 success=no exit=-13 a0=6 a1=7ffde43b86f0 a2=6e a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=connect AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=SOCKADDR msg=audit(1652632401.312:1012): saddr=01002F7661722F6C69622F7373732F70697065732F6E73730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SADDR={ saddr_fam=local path=/var/lib/sss/pipes/nss }
type=CWD msg=audit(1652632401.312:1012): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.312:1012): item=0 name="/var/lib/sss/pipes/nss" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.312:1012): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1013): avc: denied { read } for pid=7000 comm="gpg" name="passwd" dev="dm-0" ino=135461644 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1652632401.313:1013): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=7ff463e75eae a2=80000 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1013): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1013): item=0 name="/etc/passwd" inode=135461644 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:passwd_file_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 OUID="root" OGID="root"
type=PROCTITLE msg=audit(1652632401.313:1013): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1014): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.313:1014): arch=c000003e syscall=21 success=no exit=-13 a0=55ff3bce75c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1014): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1014): item=0 name="/var/www/MISP/.gnupg/gpg.conf-2.2.20" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.313:1014): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1015): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.313:1015): arch=c000003e syscall=21 success=no exit=-13 a0=55ff3bce75c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1015): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1015): item=0 name="/var/www/MISP/.gnupg/gpg.conf-2.2" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.313:1015): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1016): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.313:1016): arch=c000003e syscall=21 success=no exit=-13 a0=55ff3bce75c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1016): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1016): item=0 name="/var/www/MISP/.gnupg/gpg.conf-2" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.313:1016): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1017): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.313:1017): arch=c000003e syscall=21 success=no exit=-13 a0=55ff3bce75c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1017): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1017): item=0 name="/var/www/MISP/.gnupg/gpg.conf" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.313:1017): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1018): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.313:1018): arch=c000003e syscall=21 success=no exit=-13 a0=55ff3bce7610 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1018): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1018): item=0 name="/var/www/MISP/.gnupg/options" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.313:1018): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1019): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.313:1019): arch=c000003e syscall=21 success=no exit=-13 a0=55ff3bce75c0 a1=0 a2=1000000 a3=1 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1019): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1019): item=0 name="/var/www/MISP/.gnupg/random_seed" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.313:1019): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1020): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.313:1020): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=55ff3bce75c0 a2=0 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1020): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1020): item=0 name="/var/www/MISP/.gnupg/pubring.gpg" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.313:1020): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1021): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.313:1021): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=55ff3bce75c0 a2=0 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1021): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1021): item=0 name="/var/www/MISP/.gnupg/pubring.kbx" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.313:1021): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1022): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.313:1022): arch=c000003e syscall=21 success=no exit=-13 a0=55ff3bce75c0 a1=0 a2=1 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1022): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1022): item=0 name="/var/www/MISP/.gnupg/pubring.kbx" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.313:1022): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1023): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.313:1023): arch=c000003e syscall=21 success=no exit=-13 a0=55ff3bce75c0 a1=0 a2=102111 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1023): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1023): item=0 name="/var/www/MISP/.gnupg" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.313:1023): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.313:1024): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.313:1024): arch=c000003e syscall=21 success=no exit=-13 a0=55ff3bce75c0 a1=0 a2=ffffffffffffff80 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.313:1024): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.313:1024): item=0 name="/var/www/MISP/.gnupg" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.313:1024): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.314:1025): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.314:1025): arch=c000003e syscall=21 success=no exit=-13 a0=55ff3bce75c0 a1=0 a2=0 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.314:1025): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.314:1025): item=0 name="/var/www/MISP/.gnupg/secring.gpg" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.314:1025): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.314:1026): avc: denied { search } for pid=7000 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.314:1026): arch=c000003e syscall=4 success=no exit=-13 a0=55ff3bced9b0 a1=7ffde43b8b40 a2=7ffde43b8b40 a3=0 items=1 ppid=1284 pid=7000 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=stat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.314:1026): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.314:1026): item=0 name="/var/www/MISP/.gnupg/trustdb.gpg" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.314:1026): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.319:1027): avc: denied { search } for pid=7001 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.319:1027): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=5597119c5780 a2=80000 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.319:1027): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.319:1027): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.319:1027): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.319:1028): avc: denied { search } for pid=7001 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.319:1028): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=5597119c5780 a2=80000 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.319:1028): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.319:1028): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.319:1028): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.319:1029): avc: denied { search } for pid=7001 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.319:1029): arch=c000003e syscall=42 success=no exit=-13 a0=6 a1=7ffcd5904110 a2=6e a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=connect AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=SOCKADDR msg=audit(1652632401.319:1029): saddr=01002F7661722F6C69622F7373732F70697065732F6E73730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SADDR={ saddr_fam=local path=/var/lib/sss/pipes/nss }
type=CWD msg=audit(1652632401.319:1029): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.319:1029): item=0 name="/var/lib/sss/pipes/nss" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.319:1029): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.319:1030): avc: denied { read } for pid=7001 comm="gpg" name="passwd" dev="dm-0" ino=135461644 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1652632401.319:1030): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=7f67f3cd5eae a2=80000 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.319:1030): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.319:1030): item=0 name="/etc/passwd" inode=135461644 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:passwd_file_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 OUID="root" OGID="root"
type=PROCTITLE msg=audit(1652632401.319:1030): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.320:1031): avc: denied { search } for pid=7001 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.320:1031): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=5597119ca5f0 a2=80000 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.320:1031): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.320:1031): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.320:1031): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.320:1032): avc: denied { search } for pid=7001 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.320:1032): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=5597119ca5f0 a2=80000 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.320:1032): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.320:1032): item=0 name="/var/lib/sss/mc/passwd" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.320:1032): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.320:1033): avc: denied { search } for pid=7001 comm="gpg" name="sss" dev="dm-0" ino=67529013 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:sssd_var_lib_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.320:1033): arch=c000003e syscall=42 success=no exit=-13 a0=6 a1=7ffcd59040f0 a2=6e a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=connect AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=SOCKADDR msg=audit(1652632401.320:1033): saddr=01002F7661722F6C69622F7373732F70697065732F6E73730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SADDR={ saddr_fam=local path=/var/lib/sss/pipes/nss }
type=CWD msg=audit(1652632401.320:1033): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.320:1033): item=0 name="/var/lib/sss/pipes/nss" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.320:1033): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.320:1034): avc: denied { read } for pid=7001 comm="gpg" name="passwd" dev="dm-0" ino=135461644 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1652632401.320:1034): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=7f67f3cd5eae a2=80000 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.320:1034): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.320:1034): item=0 name="/etc/passwd" inode=135461644 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:passwd_file_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 OUID="root" OGID="root"
type=PROCTITLE msg=audit(1652632401.320:1034): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.320:1035): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.320:1035): arch=c000003e syscall=21 success=no exit=-13 a0=5597119ca5c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.320:1035): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.320:1035): item=0 name="/var/www/MISP/.gnupg/gpg.conf-2.2.20" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.320:1035): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.320:1036): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.320:1036): arch=c000003e syscall=21 success=no exit=-13 a0=5597119ca5c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.320:1036): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.320:1036): item=0 name="/var/www/MISP/.gnupg/gpg.conf-2.2" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.320:1036): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.320:1037): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.320:1037): arch=c000003e syscall=21 success=no exit=-13 a0=5597119ca5c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.320:1037): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.320:1037): item=0 name="/var/www/MISP/.gnupg/gpg.conf-2" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.320:1037): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.320:1038): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.320:1038): arch=c000003e syscall=21 success=no exit=-13 a0=5597119ca5c0 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.320:1038): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.320:1038): item=0 name="/var/www/MISP/.gnupg/gpg.conf" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.320:1038): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.320:1039): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.320:1039): arch=c000003e syscall=21 success=no exit=-13 a0=5597119ca610 a1=4 a2=0 a3=57 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.320:1039): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.320:1039): item=0 name="/var/www/MISP/.gnupg/options" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.320:1039): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.321:1040): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.321:1040): arch=c000003e syscall=21 success=no exit=-13 a0=5597119ca5c0 a1=0 a2=1000000 a3=1 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.321:1040): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.321:1040): item=0 name="/var/www/MISP/.gnupg/random_seed" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.321:1040): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.321:1041): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.321:1041): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=5597119ca5c0 a2=0 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.321:1041): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.321:1041): item=0 name="/var/www/MISP/.gnupg/pubring.gpg" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.321:1041): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.321:1042): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.321:1042): arch=c000003e syscall=257 success=no exit=-13 a0=ffffff9c a1=5597119ca5c0 a2=0 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=openat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.321:1042): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.321:1042): item=0 name="/var/www/MISP/.gnupg/pubring.kbx" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.321:1042): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.321:1043): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.321:1043): arch=c000003e syscall=21 success=no exit=-13 a0=5597119ca5c0 a1=0 a2=1 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.321:1043): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.321:1043): item=0 name="/var/www/MISP/.gnupg/pubring.kbx" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.321:1043): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.321:1044): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.321:1044): arch=c000003e syscall=21 success=no exit=-13 a0=5597119ca5c0 a1=0 a2=102111 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.321:1044): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.321:1044): item=0 name="/var/www/MISP/.gnupg" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.321:1044): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.321:1045): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.321:1045): arch=c000003e syscall=21 success=no exit=-13 a0=5597119ca5c0 a1=0 a2=ffffffffffffff80 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=access AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.321:1045): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.321:1045): item=0 name="/var/www/MISP/.gnupg" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.321:1045): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
type=AVC msg=audit(1652632401.321:1046): avc: denied { search } for pid=7001 comm="gpg" name="www" dev="dm-0" ino=135212249 scontext=system_u:system_r:gpg_web_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1652632401.321:1046): arch=c000003e syscall=4 success=no exit=-13 a0=5597119d09b0 a1=7ffcd5904420 a2=7ffcd5904420 a3=0 items=1 ppid=1284 pid=7001 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gpg" exe="/usr/bin/gpg" subj=system_u:system_r:gpg_web_t:s0 key=(null) ARCH=x86_64 SYSCALL=stat AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=CWD msg=audit(1652632401.321:1046): cwd="/var/www/MISP/app/webroot"
type=PATH msg=audit(1652632401.321:1046): item=0 name="/var/www/MISP/.gnupg/trustdb.gpg" nametype=UNKNOWN cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PROCTITLE msg=audit(1652632401.321:1046): proctitle=2F7573722F62696E2F677067002D2D7374617475732D66640033002D2D636F6D6D616E642D66640034002D2D6E6F2D7365636D656D2D7761726E696E67002D2D6E6F2D747479002D2D6E6F2D64656661756C742D6B657972696E67002D2D6E6F2D6F7074696F6E73002D2D6E6F2D7065726D697373696F6E2D7761726E696E67
I've just tried the "correct" context for gpg files, with the httpd_use_gpg bool, but now test.php complains that hte directory is not writable.
sudo chcon -R -t gpg_secret_t /var/www/MISP/.gnupg/
sudo setsebool -P httpd_use_gpg 1
Crypt_GPG_FileException: The 'homedir' "/var/www/MISP/.gnupg" is not writable by the current user. Please check the permissions on your homedir and make sure the current user can both enter and write to the directory. in /var/www/MISP/app/Vendor/pear/crypt_gpg/Crypt/GPGAbstract.php on line 256
Why don't you put the .gnupg directory in the apache users homedirectory /usr/share/httpd ? This might prevent the selinux blockings.
I'll give that a go, I only put it in there as that is the direcotry the MISP install guide for RHEL8 uses.
I'll update once I've had a chance to try using /usr/share/httpd/.gnupg
.
no update since May 2022
Working with a clean install on RHEL8, all seems good except MISP is being blocked form accessing the GPG key by SELinux.
I'm not sure if this is an RPM issue, or a MISP issue to fix, so starting here.
Setup Steps
Per
RHEL8.md
then:Generate Key:
vi /tmp/gpg.conf
sudo gpg --homedir /var/www/MISP/.gnupg --batch --gen-key /tmp/gpg.conf
rm /tmp/gpg.conf
sudo chown apache: -R /var/www/MISP/.gnupg
sudo chcon -R -t httpd_sys_rw_content_t /var/www/MISP/.gnupg
sudo gpg --homedir /var/www/MISP/.gnupg --export --armor misp@domain.tld | sudo tee /var/www/MISP/app/webroot/gpg.asc
sudo chown apache: /var/www/MISP/app/webroot/gpg.asc
Configure
GnuPG.email
,GnuPG.homedir
andGnuPG.password
.I found that the SELinux bool to allow HTTPD to use GPG (
httpd_use_gpg
) is set to0
after install, setting this to1
changes the error, but doesn't fix the issue. Below is the output of https://github.com/SteveClement/misp-test with'debug' => true,
added to the start of the array on line 260 ($gpg = new Crypt_GPG(array(
).httpd_use_gpg = 0
Status:
Crypt_GPG_Exception: Unknown error getting keys. Please use the 'debug' option when creating the Crypt_GPG object, and file a bug report at http://pear.php.net/bugs/report.php?package=Crypt_GPG in /var/www/MISP/app/Vendor/pear/crypt_gpg/Crypt/GPG/Engine.php on line 1741
.Debug Output
audit.log
httpd_use_gpg = 1
Status:
Crypt_GPG_KeyNotFoundException: Key not found: misp@domain.tld in /var/www/MISP/app/Vendor/pear/crypt_gpg/Crypt/GPG.php on line 1164
.Debug Output
audit.log
[too long to post will add as comment]
After sudo setenforce 0
The key loads as expected.
Debug Output