RE: Error executing script through Apache

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello All

Pete - You were right!

When I try to execute I get this in the audit log.

type=AVC msg=audit(1445006093.179:15955): avc:  denied  { write } for  pid=22733 comm="udt" name="apphome" dev=dm-0 ino=23199745 scontext=unconfined_u:system_r:httpd_sys_script_t:s0 tcontext=unconfined_u:object_r:default_t:s0 tclass=dir
type=SYSCALL msg=audit(1445006093.179:15955): arch=40000003 syscall=5 per=400000 success=no exit=-13 a0=ffeb8bcc a1=242 a2=1b6 a3=7 items=0 ppid=22731 pid=22733 auid=0 uid=800 gid=100 euid=800 suid=800 fsuid=800 egid=100 sgid=100 fsgid=100 tty=(none) ses=1242 comm="udt" exe="/usr/ud73/bin/udt" subj=unconfined_u:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC msg=audit(1445006093.179:15956): avc:  denied  { append } for  pid=22733 comm="udt" name="udt.errlog" dev=dm-0 ino=64490264 scontext=unconfined_u:system_r:httpd_sys_script_t:s0 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file
type=SYSCALL msg=audit(1445006093.179:15956): arch=40000003 syscall=5 per=400000 success=no exit=-13 a0=ffeb66ac a1=441 a2=1b6 a3=83d46a9 items=0 ppid=22731 pid=22733 auid=0 uid=800 gid=100 euid=800 suid=800 fsuid=800 egid=100 sgid=100 fsgid=100 tty=(none) ses=1242 comm="udt" exe="/usr/ud73/bin/udt" subj=unconfined_u:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC msg=audit(1445006093.179:15957): avc:  denied  { associate } for  pid=22733 comm="udt" key=1157629479  scontext=unconfined_u:system_r:httpd_sys_script_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=shm
type=SYSCALL msg=audit(1445006093.179:15957): arch=40000003 syscall=117 per=400000 success=no exit=-13 a0=17 a1=45000627 a2=0 a3=0 items=0 ppid=22731 pid=22733 auid=0 uid=800 gid=100 euid=800 suid=800 fsuid=800 egid=100 sgid=100 fsgid=100 tty=(none) ses=1242 comm="udt" exe="/usr/ud73/bin/udt" subj=unconfined_u:system_r:httpd_sys_script_t:s0 key=(null)


Please forgive my ignorance, but what can I do now to resolve this?

Thank you,
David C. Johnson

David C.Johnson 
Schoolcraft College
Administrative Systems
Senior Systems Administrator
A-180
1(734)462-4716
djohnson@xxxxxxxxxxxxxxx

-----Original Message-----
From: Pete Houston [mailto:ph1@xxxxxxxxxxxxxxxx] 
Sent: Friday, October 16, 2015 10:27 AM
To: users@xxxxxxxxxxxxxxxx
Subject: Re:  Error executing script through Apache

On Fri, Oct 16, 2015 at 02:21:45PM +0000, David Johnson wrote:
> What would be different about being logged in as www at the command line and calling a script vs. running Apache as www and calling it through the intranet?

The SELinux context will be different. Check the audit log to see if it's being denied.

Pete
--
Openstrike - improving business through open source http://www.openstrike.co.uk/ or call 01722 770036

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux