Try running 'setsebool httpd_enable_cgi true'
as root. This should fix it.
You may also want to check out http://fedora.redhat.com/docs/selinux-apache-fc3/
as it has some good documentation. I assume RHEL4 has some selinux
docs as well, but I haven't read through them yet.
--
Jim Perrin
Arbelos Systems
On Wed, 09 Mar 2005 13:34:03 -0600, Aleksandar Milivojevic
<amilivojevic@xxxxxx> wrote:
> I have freshly installed CentOS 4 box, with Apache installed. I've
> placed some CGI programs into /var/www/cgi-bin, however SELinux is
> preventing the execution. One program is statically linked executable,
> and the other is shell script.
>
> It seems that everything has correct context:
>
> Output of ls -Z for relevant files/directories looks like this. All
> files and directories are user/group root:root, mode 755. Looks like it
> should work:
>
> system_u:object_r:httpd_exec_t /usr/sbin/httpd
> system_u:object_r:httpd_sys_script_exec_t /var/www/cgi-bin
> root:object_r:httpd_sys_script_exec_t /var/www/cgi-bin/compiled-exe.cgi
> root:object_r:httpd_sys_script_exec_t /var/www/cgi-bin/sehll-script.sh
>
> However, when Apache attempts to run any of them, I'm getting this error
> messages logged in /var/log/messages:
>
> kernel: audit(1110396095.427:0): avc: denied { execute_no_trans } for
> pid=1234 exe=/usr/sbin/httpd path=/var/www/cgi-bin/compiled-exe.cgi
> dev=dm-1 ino=12345 scontext=user_u:system_r:httpd_t
> tcontext=root:object_r:httpd_sys_script_exec_t tclass=file
>
> Same thing if I try it out from command line.
>
> I've Googled around, and was not able to find anything helpful. All I
> was able to find were pointers telling me to set the security context of
> files the way it is already set up.
>
> --
> Aleksandar Milivojevic <amilivojevic@xxxxxx> Pollard Banknote Limited
> Systems Administrator 1499 Buffalo Place
> Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxxx
> http://lists.caosity.org/mailman/listinfo/centos
>
