Dan Track wrote:
On 7/27/06, Paul Howarth <paul@xxxxxxxxxxxx> wrote:
Dan Track wrote:
> Hi All
>
> I'm having trouble running software, especially the cgi scripts. I
> keep getting the following denial messages:
>
> audit(1153994541.663:20): avc: denied { execute_no_trans } for
> pid=9258 comm="httpd" name="status.cgi" dev=sda2 ino=19426
> scontext=root:system_r:httpd_t tcontext=system_u:object_r:lib_t
> tclass=file
>
> The files are located in /usr/lib/nagios/cgi/
>
> Could some please help me figure this out. I've started to read
> through the selinux manual but its a huge climb and would appreciate
> ways to solve the above.
You should read "man httpd_selinux", which has notes on running CGI
programs under SELinux.
You generally need to set the SELinux context type of CGI programs to
httpd_sys_script_exec_t:
# chcon -R -t httpd_sys_script_exec_t /usr/lib/nagios/cgi
Is this the nagios version in Fedora Extras? If it is, failure to work
with SELinux enabled should be bugzilla-ed.
Paul.
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Hi Paul,
Thanks for the reply. I manged the above before I read you rmessage.
Thanks for the heads up though. Would you be able to help on the next
"search" error message.
It's being denied access to search the /var/log directory to see what's
in it.
Just to add this is a nagios install from source.
Is there some particular reason you're not using the package in Extras,
which *may* have solved these problems already?
Paul.