On Fri, Apr 09, 2010 at 08:36:39PM +0900, Shintaro Fujiwara wrote: > Hi, I'm recently working on F12 web server and I got httpd_t execstack > and execmem. > Can I allow those ? > The server I'm woking on right now is a test server which have copied > all the contents from FC6 which I have move on permissive mode for > half a year. > I have not read a log at all on FC6 server. > I'm trying to move all the contents that I have now on F12. > I already succeeded another web server which has no script stuff so > the problem may caused by the script which I have written for certain > web-pages. > > The server I'm working I can't touch couple of days, but some script I > wrote wants to do that, I guess. > The script has a type httpd_sys_content_t still, so that may be a problem. > Yes, it's in the documentroot of Apache. > > Maybe I should put the script outside of documentroot or label other > than httpd stuff with local.pp. > > I could not have time to read that thouroughly, but I can report on Monday. > > I will report this matter till I get the right answer and I run the > server right. Could you enclose avc denials of the particular events please? You may have mislabelled files, as you suggested yourself. > > Thanks in advance. > ------------------------------------------- > segatex--SELinux tool > > http://sourceforge.net/projects/segatex/ > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux
Attachment:
pgpg1VPIdxlVq.pgp
Description: PGP signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
