On 03/30/2010 10:17 AM, Arian wrote:
Hello all,
I am using Oracle 11.2 instant client on CentOS (which i heard is based
a version of Fedora/RedHat), and I was trying to use php's PDO and oci8
modules to test connections to Oracle.
I had originally gotten a php error about pdo_oci.so/oci8.so data execution
on a dynamic
link library, libclsh. I asked selinux boards and they said to try
'setsebool -P allow_execstack on'... I think after that change, i
still had issues, so they suggested to turn it off temporarily to see
if it works...
So I went into /etc/sysconfig/selinux and set:
SELINUX=disabled
and my script connected and read some rows from the oracle db.
Im not sure if anyone has had issues with oracle client to work with
selinux, without turning it off.
I saw a blog stating to run these, but i have no idea if it will work
for my version of oracle, or what it does:
"tail -f /var/log/audit/audit.log | tee oracle.log
audit2allow -M oracle < oracle.log
semodule -i oracle.pp"
Thanks!,
Ari
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
If you turn it back on, contact me and we can work through the problems.
SELINUX=permissive
Would have allowed your processes to work and logged all of the errors.
Which we could have then fixed.
SELinux error messages are written as "AVC" messages in
/var/log/audit/audit.log
|
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
