Selinux woes
Dan Track
dan.track at gmail.com
Thu Jul 27 10:23:15 UTC 2006
On 7/27/06, Dan Track <dan.track at gmail.com> wrote:
> Hi All
>
> I'm having trouble running software, especially the cgi scripts. I
> keep getting the following denial messages:
>
> audit(1153994541.663:20): avc: denied { execute_no_trans } for
> pid=9258 comm="httpd" name="status.cgi" dev=sda2 ino=19426
> scontext=root:system_r:httpd_t tcontext=system_u:object_r:lib_t
> tclass=file
>
> The files are located in /usr/lib/nagios/cgi/
>
> Could some please help me figure this out. I've started to read
> through the selinux manual but its a huge climb and would appreciate
> ways to solve the above.
>
> Thanks in advance
> Dan
>
Hi
Just to add to my previous mail. I ran the following after reading man
shttpd_selinux:
chcon -t httpd_sys_script_exec_t /usr/lib/nagios/cgi/status.cgi
After running that I now get the following error messages:
audit(1153995566.816:26): avc: denied { search } for pid=15126
comm="status.cgi" name="log" dev=sda3 ino=48001
scontext=root:system_r:httpd_sys_script_t
tcontext=system_u:object_r:var_log_t tclass=dir
Can someone help me with understanding this. What is "search"?
Thanks in advance
Dan
More information about the fedora-list
mailing list