Re: perl/cgi script problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

So do I force the upgrade?

----- Original Message ----- 
From: "Arthur Stephens" <astephens@xxxxxxxxx>
To: "Fedora SELinux support list for users & developers."
<fedora-selinux-list@xxxxxxxxxx>
Sent: Friday, December 03, 2004 1:15 PM
Subject: Re: perl/cgi script problem


> [root@webmail ~]# rpm -Uvh
> selinux-policy-targeted-sources-1.17.30-2.42.noarch.rpm
> error: Failed dependencies:
>         selinux-policy-targeted = 1.17.30-2.42 is needed by
> selinux-policy-targeted-sources-1.17.30-2.42.noarch
> [root@webmail ~]# rpm -Uvh selinux-policy-targeted-1.17.30-2.42.noarch.rpm
> error: Failed dependencies:
>         selinux-policy-targeted = 1.17.30-2.34 is needed by (installed)
> selinux-policy-targeted-sources-1.17.30-2.34.noarch
>
> ----- Original Message ----- 
> From: "Daniel J Walsh" <dwalsh@xxxxxxxxxx>
> To: "Fedora SELinux support list for users & developers."
> <fedora-selinux-list@xxxxxxxxxx>
> Sent: Friday, December 03, 2004 11:34 AM
> Subject: Re: perl/cgi script problem
>
>
> > Arthur Stephens wrote:
> >
> > > Ok I thought I had this SELinux thing figured out atleast a little.
> > > Finally got httpd to startup.
> > > But now I have perl/cgi script problems.
> > > When trying to access my Genesis WebAuthoring System the script works
> > > in the /cgi-bin/genesis/ directory displaying the login screen
> > > but when I go to log in I get this error message.
> > > **
> > > *Error:* could not write to file
> > >
'/var/www/pteraweb/cgi-bin/genesis/script_data/accounts/.webauth_tokens'
> > > - Permission denied - Permission denied
> > >
> > > Plus these on the console
> > > Dec  2 21:04:37 webmail kernel: audit(1102050277.791:0): avc:  denied
> > > { search } for  pid=2359 exe=/usr/bin/perl name=sys dev=proc
> > > ino=-268435431 scontext=root:system_r:httpd_sys_script_t
> > > tcontext=system_u:object_r:sysctl_t tclass=dir
> > > Dec  2 21:04:54 webmail kernel: audit(1102050294.906:0): avc:  denied
> > > { search } for  pid=2360 exe=/usr/bin/perl
> > > scontext=root:system_r:httpd_sys_script_t
> > > tcontext=system_u:object_r:sysctl_kernel_t tclass=dir
> > > Dec  2 21:04:54 webmail kernel: audit(1102050294.906:0): avc:  denied
> > > { search } for  pid=2360 exe=/usr/bin/perl name=sys dev=proc
> > > ino=-268435431 scontext=root:system_r:httpd_sys_script_t
> > > tcontext=system_u:object_r:sysctl_t tclass=dir
> > > Dec  2 21:04:55 webmail kernel: audit(1102050295.132:0): avc:  denied
> > > { write } for  pid=2360 exe=/usr/bin/perl name=.webauth_tokens
> > > dev=dm-0 ino=228251 scontext=root:system_r:httpd_sys_script_t
> > > tcontext=system_u:object_r:httpd_sys_content_t tclass=file
> > > Oh I know what this means so I added this to my custom.fc
> > > /var/www/.*/cgi-bin(/.*)? system-u:object_r:httpd_sys_script_exec_t
> > >
> > > which is what I saw in file_contexts for /var/www/cgi-bin
> > >
> > > make load
> > > fixfiles relabel
> > >
> > > The log shows it relabled everything.
> > > But now I get...
> > >
> > > Dec  3 13:42:38 webmail kernel: audit(1102110158.398:0): avc:  denied
> > > { search } for  pid=1873 exe=/usr/bin/perl name=sys dev=proc
> > > ino=-268435431 scontext=user_u:system_r:httpd_sys_script_t
> > > tcontext=system_u:object_r:sysctl_t tclass=dir
> > > Dec  3 13:42:47 webmail kernel: audit(1102110167.739:0): avc:  denied
> > > { search } for  pid=1874 exe=/usr/bin/perl
> > > scontext=user_u:system_r:httpd_sys_script_t
> > > tcontext=system_u:object_r:sysctl_kernel_t tclass=dir
> > > Dec  3 13:42:47 webmail kernel: audit(1102110167.740:0): avc:  denied
> > > { search } for  pid=1874 exe=/usr/bin/perl name=sys dev=proc
> > > ino=-268435431 scontext=user_u:system_r:httpd_sys_script_t
> > > tcontext=system_u:object_r:sysctl_t tclass=dir
> > > Dec  3 13:42:47 webmail kernel: audit(1102110167.964:0): avc:  denied
> > > { write } for  pid=1874 exe=/usr/bin/perl name=.webauth_tokens
> > > dev=dm-0 ino=228251 scontext=user_u:system_r:httpd_sys_script_t
> > > tcontext=system_u:object_r:httpd_sys_script_exec_t tclass=file
> > > So I ran out of what I know to do or maybe I messed things up.
> > >
> > >
> > > Arthur Stephens
> > > Sales Technician
> > > Ptera Wireless Internet
> > > astephens@xxxxxxxxx <mailto:astephens@xxxxxxxxx>
> > > 509-927-Ptera
> > >
> >
>------------------------------------------------------------------------
> > >
> > >--
> > >fedora-selinux-list mailing list
> > >fedora-selinux-list@xxxxxxxxxx
> > >http://www.redhat.com/mailman/listinfo/fedora-selinux-list
> > >
> > We have placed an update to the SELinux policy that should fix this
> problem.
> > I am not sure it has made it into Fedora-Updates yet.  The latest policy
> > is available at
> >
> > ftp://people.redhat.com/dwalsh/SELinux/FC3
> >
> > Dan
> >
> > --
> > fedora-selinux-list mailing list
> > fedora-selinux-list@xxxxxxxxxx
> > http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> http://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux