Re: apache selinx problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Jay Berryman wrote:

What avc error messages do you see in /var/log/messages?
Nov 6 13:35:41 doggett kernel: audit(1162838141.073:45): avc: denied { execute_no_trans } for pid=17313 comm="httpd" name="aa_geocentric.pl" dev=hda2 ino=1839292 scontext=root:system_r:httpd_t tcontext=system_u:object_r:httpd_sys_script_exec_t tclass=file 



Jay Berryman, RHCT, RHCE
Systems Engineer
Phone:  (402)-963-6347
E-Mail:  Jay.Berryman@xxxxxxxxx

This message and any attachments are intended only for the use of the
addressee and may contain information that is privileged and
confidential. If the reader of the message is not the intended
recipient, or the authorized agent of the intended recipient, you are
hereby notified that any dissemination of this communication is strictly
prohibited. If you have received this communication in error, please
notify SITEL immediately by telephone at 402.963.6001 and delete the
message and any attachments from your system. Thank you for your
cooperation.


-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Bill Tangren
Sent: Monday, November 06, 2006 12:11 PM
To: General Red Hat Linux discussion list
Subject: apache selinx problem
I am having a perplexing apache problem, probably caused by incorrect permissions on files and/or directories. 

I three web servers. One does not run on a server that uses SELinux. The
other two do. One of them executes scripts just fine. The other does not. This is the error I get: 

[Mon Nov 06 12:54:45 2006] [error] [client 10.1.5.58] (13)Permission
denied: exec of '/home/httpd/cgi-bin/aa_geocentric.pl' failed 
[Mon Nov 06 12:54:45 2006] [error] [client 10.1.5.58] Premature end of
script headers: aa_geocentric.pl 


The script is located in /home/httpd/cgi-bin. [The same script is
located on the other two servers, and works just fine.] This is what I get when looking at permissions. 

# ll -Z /home
drwxr-xr-x  apache   AA       system_u:object_r:httpd_sys_content_t
httpd

# ll -Z /home/httpd
drwxrwxr-x  apache   AA       system_u:object_r:httpd_sys_script_exec_t
cgi-bin

# ll -Z /home/httpd/aa_geocentric.pl
-rwxrwxr-x apache AA system_u:object_r:httpd_sys_script_exec_t aa_geocentric.pl 

"AA" is my department's user's group.

I can log into the server and run the script from the command line just
fine.

Html seems to render just fine. The problem is with cgi scripts. I've
tried UNIX shell scripts, and I get the same problem. 

Any ideas what the problem might be?

TIA,
Bill Tangren



--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]

  Powered by Linux