Sounds like an issue with SELinux, alright. I ran into the same problem while integrating Tomcat and the Apache web server. I used the audit2allow command. (This was on RHEL5).
I first copied the raw audit entry into a temporary file named "avc.temp". In your case, you would copy the following into that file:
Quote:
avc: denied { write } for pid=1954 comm="httpd" name="jk-runtime-status" dev=dm-0 ino=1293754 scontext=user_u:system_r:httpd_t tcontext=user_u: object_r:httpd_log_t tclass=file
|
Then, I used audit2allow to read that entry in, where it automatically the created a SELinux policy I needed for jk-runtime-status.
Steps/Commands:
1) audit2allow -M local < avc.tmp
2) Your policy created! --> Policy is written to a local file named "local.pp"
3) semodule -i local.pp
You may need to temporarily set SELinux to permissive so that you can apply the policy contained in "local.pp". That should clear the problem you face with SELinux. It's much easier to do this than to go hunting around for incorrect file labels.