CGI and Selinux

Stuart Sears stuart at sjsears.com
Fri Sep 29 11:16:02 UTC 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nair, Murlidharan T wrote:
> I am trying to get my cgi to work on my server but for some reason,
> which I feel may be associated with some setting with selinux,
> it fails to run.
> I did the following 
>  
> chcon -h -t httpd_sys_script_exec_t  /mnt/webservice/splicecgi-bin

And what are the error messages that tell you that this is
SELinux-related? (you could well be correct)

Pasting an example would help.
Look for messages containing 'avc' and 'http' in /var/log/messages
or possibly /var/log/audit/audit.log (only if you are running auditd)

What are the httpd error messages when you try to access a CGI script?

Have you enabled the cgi boolean for httpd?

# setsebool -P httpd_enable_cgi=1

what is the context on
/mnt/webservice
and its subdirectories?

# ls -Zd mnt/webservice/splicecgi-bin
# ls -Zd /mnt/webservice/splicehtml


does normal http service work for those virtualhosts?

<snip>
> Here is what my httpd.cnf looks like since it is a virtual host.
> Thanks ../Murli

- --
Stuart Sears RHCA RHCSS RHCX ASAP PDQ STFU
There is no time like the present for postponing what you ought to be doing.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFHQByamPtx1brPQ4RAlfKAJ4q+FYV+E7b0egWEBS5gTpTLPYt1gCdGpr5
iSxEh3TqjR0avjKDFEXor3E=
=f3L7
-----END PGP SIGNATURE-----




More information about the Redhat-install-list mailing list