Selinux, Oracle, DBD::Oracle, RHEL5B2

[Daniel J Walsh]

Thomas J. Baker wrote:
> On Fri, 2007-01-19 at 03:29 -0800, Steve G wrote:
>   
>>> Almost got everything working except for this selinux problem (http log error):
>>>       
>> We need to see the avcs associated with this.
>>
>> -Steve
>>
>>     
>
> I get 
>
> type=AVC msg=audit(1169215302.727:10760): avc:  denied  { execheap } for
> pid=25241 comm="httpd" scontext=user_u:system_r:httpd_t:s0
> tcontext=user_u:system_r:httpd_t:s0 tclass=process
> type=SYSCALL msg=audit(1169215302.727:10760): arch=40000003 syscall=125
> success=no exit=-13 a0=7653000 a1=1e7000 a2=5 a3=bfb540f0 items=0
> ppid=25239 pid=25241 auid=4490 uid=48 gid=48 euid=48 suid=48 fsuid=48
> egid=48 sgid=48 fsgid=48 tty=(none) comm="httpd" exe="/usr/sbin/httpd"
> subj=user_u:system_r:httpd_t:s0 key=(null)
>
> that coincides with the httpd log of 
>
>
> [Fri Jan 19 09:01:42 2007] [error] [client 132.177.241.80]
> install_driver(Oracle) failed: Can't load
> '/usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi/auto/DBD/Oracle/Oracle.so' for module DBD::Oracle: /usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libnnz10.so: cannot restore segment prot after reloc: Permission denied at /usr/lib/perl5/5.8.8/i386-linux-thread-multi/DynaLoader.pm line 230.\n at (eval 11) line 3\nCompilation failed in require at (eval 11) line 3.\nPerhaps a required shared library or dll isn't installed where expected\n at /web1/perl/Lib/Layout2/Core/Initializer.pm line 191\n\t(in cleanup) Can't call method "disconnect" on an undefined value at /web1/perl/Lib/Layout2/Core/Initializer.pm line 206.\n
>
> I've turned on execheap and restarted the webserver but still get this
> same error.
>
> tjb
>   
chcon -t textrel_shlib_t 
/usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi/auto/DBD/Oracle/Oracle.so

chcon -t textrel_shlib_t /usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libnnz10.so