<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1479" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Ok I thought I had this SELinux thing figured out
atleast a little.</FONT></DIV>
<DIV><FONT face=Arial size=2>Finally got httpd to startup.</FONT></DIV>
<DIV><FONT face=Arial size=2>But now I have perl/cgi script
problems.</FONT></DIV>
<DIV><FONT face=Arial size=2>When trying to access my Genesis WebAuthoring
System the script works in the /cgi-bin/genesis/ directory displaying the login
screen</FONT></DIV>
<DIV><FONT face=Arial size=2>but when I go to log in I get this error
message.</FONT></DIV>
<DIV><FONT face=Arial size=2><STRONG></STRONG></FONT> </DIV>
<DIV><FONT face=Arial size=2><STRONG>Error:</STRONG> could not write to file
'/var/www/pteraweb/cgi-bin/genesis/script_data/accounts/.webauth_tokens' -
Permission denied - Permission denied </FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Plus these on the console</FONT></DIV>
<DIV><FONT face=Arial size=2>Dec 2 21:04:37 webmail kernel:
audit(1102050277.791:0): avc: denied { search } for pid=2359
exe=/usr/bin/perl name=sys dev=proc ino=-268435431
scontext=root:system_r:httpd_sys_script_t tcontext=system_u:object_r:sysctl_t
tclass=dir<BR>Dec 2 21:04:54 webmail kernel: audit(1102050294.906:0):
avc: denied { search } for pid=2360 exe=/usr/bin/perl
scontext=root:system_r:httpd_sys_script_t
tcontext=system_u:object_r:sysctl_kernel_t tclass=dir<BR>Dec 2 21:04:54
webmail kernel: audit(1102050294.906:0): avc: denied { search }
for pid=2360 exe=/usr/bin/perl name=sys dev=proc ino=-268435431
scontext=root:system_r:httpd_sys_script_t tcontext=system_u:object_r:sysctl_t
tclass=dir<BR>Dec 2 21:04:55 webmail kernel: audit(1102050295.132:0):
avc: denied { write } for pid=2360 exe=/usr/bin/perl
name=.webauth_tokens dev=dm-0 ino=228251
scontext=root:system_r:httpd_sys_script_t
tcontext=system_u:object_r:httpd_sys_content_t tclass=file<BR></FONT></DIV>
<DIV><FONT face=Arial size=2>Oh I know what this means so I added this to my
custom.fc</FONT></DIV>
<DIV><FONT face=Arial size=2>/var/www/.*/cgi-bin(/.*)?
system-u:object_r:httpd_sys_script_exec_t</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>which is what I saw in file_contexts for
/var/www/cgi-bin</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>make load</FONT></DIV>
<DIV><FONT face=Arial size=2>fixfiles relabel</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>The log shows it relabled everything.</FONT></DIV>
<DIV><FONT face=Arial size=2>But now I get...</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Dec 3 13:42:38 webmail kernel:
audit(1102110158.398:0): avc: denied { search } for pid=1873
exe=/usr/bin/perl name=sys dev=proc ino=-268435431
scontext=user_u:system_r:httpd_sys_script_t tcontext=system_u:object_r:sysctl_t
tclass=dir<BR>Dec 3 13:42:47 webmail kernel: audit(1102110167.739:0):
avc: denied { search } for pid=1874 exe=/usr/bin/perl
scontext=user_u:system_r:httpd_sys_script_t
tcontext=system_u:object_r:sysctl_kernel_t tclass=dir<BR>Dec 3 13:42:47
webmail kernel: audit(1102110167.740:0): avc: denied { search }
for pid=1874 exe=/usr/bin/perl name=sys dev=proc ino=-268435431
scontext=user_u:system_r:httpd_sys_script_t tcontext=system_u:object_r:sysctl_t
tclass=dir<BR>Dec 3 13:42:47 webmail kernel: audit(1102110167.964:0):
avc: denied { write } for pid=1874 exe=/usr/bin/perl
name=.webauth_tokens dev=dm-0 ino=228251
scontext=user_u:system_r:httpd_sys_script_t
tcontext=system_u:object_r:httpd_sys_script_exec_t tclass=file<BR></FONT></DIV>
<DIV><FONT face=Arial size=2>So I ran out of what I know to do or maybe I messed
things up.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2> </DIV></FONT>
<DIV><FONT face=Arial size=2>Arthur Stephens<BR>Sales Technician<BR>Ptera
Wireless Internet<BR><A
href="mailto:astephens@ptera.net">astephens@ptera.net</A><BR>509-927-Ptera</FONT></DIV></BODY></HTML>