Re: Selinux woes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dan Track wrote:
Hi All

I'm having trouble running software, especially the cgi scripts. I
keep getting the following denial messages:

audit(1153994541.663:20): avc:  denied  { execute_no_trans } for
pid=9258 comm="httpd" name="status.cgi" dev=sda2 ino=19426
scontext=root:system_r:httpd_t tcontext=system_u:object_r:lib_t
tclass=file

The files are located in /usr/lib/nagios/cgi/

Could some please help me figure this out. I've started to read
through the selinux manual but its a huge climb and would appreciate
ways to solve the above.

You should read "man httpd_selinux", which has notes on running CGI programs under SELinux.

You generally need to set the SELinux context type of CGI programs to httpd_sys_script_exec_t:

# chcon -R -t httpd_sys_script_exec_t /usr/lib/nagios/cgi

Is this the nagios version in Fedora Extras? If it is, failure to work with SELinux enabled should be bugzilla-ed.

Paul.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux