Selinux woes
Dan Track
dan.track at gmail.com
Thu Jul 27 10:34:05 UTC 2006
On 7/27/06, Paul Howarth <paul at city-fan.org> wrote:
> Dan Track wrote:
> > Hi All
> >
> > I'm having trouble running software, especially the cgi scripts. I
> > keep getting the following denial messages:
> >
> > audit(1153994541.663:20): avc: denied { execute_no_trans } for
> > pid=9258 comm="httpd" name="status.cgi" dev=sda2 ino=19426
> > scontext=root:system_r:httpd_t tcontext=system_u:object_r:lib_t
> > tclass=file
> >
> > The files are located in /usr/lib/nagios/cgi/
> >
> > Could some please help me figure this out. I've started to read
> > through the selinux manual but its a huge climb and would appreciate
> > ways to solve the above.
>
> You should read "man httpd_selinux", which has notes on running CGI
> programs under SELinux.
>
> You generally need to set the SELinux context type of CGI programs to
> httpd_sys_script_exec_t:
>
> # chcon -R -t httpd_sys_script_exec_t /usr/lib/nagios/cgi
>
> Is this the nagios version in Fedora Extras? If it is, failure to work
> with SELinux enabled should be bugzilla-ed.
>
> Paul.
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
Hi Paul,
Thanks for the reply. I manged the above before I read you rmessage.
Thanks for the heads up though. Would you be able to help on the next
"search" error message.
Just to add this is a nagios install from source.
Thanks
Dan
More information about the fedora-list
mailing list