Selinux with Apache running PHP
Jayendren Anand Maduray
jayendren at hivsa.com
Mon Nov 7 06:23:02 UTC 2005
Hi!
>What avc messages are you seeing in /var/log/messages or
/var/log/audit/audit.log?
From /var/log/messages:
Nov 4 20:27:22 shiva dbus: avc: 1 AV entries and 1/512 buckets used,
longest chain length 1
Nov 4 20:27:49 shiva dbus: avc: 3 AV entries and 3/512 buckets used,
longest chain length 1
From var/log/audit/audit.log:
NONE - i do not have the specified directory on my system?
Daniel J Walsh wrote:
> Jayendren Anand Maduray wrote:
>
>>
>> Good day all.
>>
>> I am having trouble running PHP files in my webserver: Apache.
>>
>> Here is some information:
>>
>> [root at shiva warez]# rpm -qi php
>> Name : php Relocations: (not
>> relocatable)
>> Version : 4.3.11 Vendor: Red Hat, Inc.
>> Release : 2.7 Build Date: Thu 25 Aug
>> 2005 11:26:47 SAST
>> Install Date: Thu 03 Nov 2005 13:51:24 SAST Build Host:
>> tweety.build.redhat.com
>> Group : Development/Languages Source RPM:
>> php-4.3.11-2.7.src.rpm
>> Size : 3373100 License: The PHP License
>> Signature : DSA/SHA1, Thu 25 Aug 2005 18:02:04 SAST, Key ID
>> b44269d04f2a6fd2
>> Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
>> URL : http://www.php.net/
>> Summary : The PHP HTML-embedded scripting language. (PHP:
>> Hypertext Preprocessor)
>>
>> [root at shiva warez]# rpm -qi httpd
>> Name : httpd Relocations: (not
>> relocatable)
>> Version : 2.0.52 Vendor: Red Hat, Inc.
>> Release : 3.1 Build Date: Thu 11 Nov
>> 2004 17:39:18 SAST
>> Install Date: Fri 22 Apr 2005 08:37:05 SAST Build Host:
>> dolly.build.redhat.com
>> Group : System Environment/Daemons Source RPM:
>> httpd-2.0.52-3.1.src.rpm
>> Size : 2407431 License: Apache
>> Software License
>> Signature : DSA/SHA1, Fri 12 Nov 2004 22:58:01 SAST, Key ID
>> b44269d04f2a6fd2
>> Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
>> URL : http://httpd.apache.org/
>> Summary : The httpd Web server
>>
>> [root at shiva warez]# uname -a
>> Linux shiva 2.6.9-1.667smp #1 SMP Tue Nov 2 14:59:52 EST 2004 i686
>> i686 i386 GNU/Linux
>>
>> SElinux is running in enforcing mode, and I have disabled protection
>> for apache.
>>
>> I am trying to setup PHP Nuke on my webserver, but it has trouble
>> running PHP files.
>>
>> Also tried the following from the fedora-forum:
>>
>> changed permissions of the php files: chmod 755 *.php
>> turning off SELinux protection, which works of course.
>>
>> But I like SELinux!!!
>>
>> Please advise.
>>
> What avc messages are you seeing in /var/log/messages or
> /var/log/audit/audit.log?
>
--
Jayendren Anand Maduray
Microsoft Certified Professional
Network Plus
IT Administrator
Perinatal HIV Research Unit
Old Potch Road
Chris Hani Baragwanath Hospital
Soweto
South Africa
Tel: +27 11 989 9776
Tel: +27 11 989 9999
Fax: +27 11 938 3973
Cel: 082 22 774 94
Alternate email address: jayendren at mweb.co.za
More information about the fedora-selinux-list
mailing list