On Tue, 2005-04-26 at 23:09 -0400, brett wrote:
Hi,
I had to disable SELinux on my apache httpd in order to get my php scripts
to work. They proc_open() gpg and SELinux didn't like that. Is there
anyway to allow gpg to get through proc_open() so i can still have SELinux
checking up on my webserver?
Details, please:
- what policy are you running: strict or targeted, FC3 or FC4/devel?
- what httpd_* booleans do you have enabled?
- where have you placed the keyring for gpg that you want accessible via
httpd?
- what avc denials did you get in /var/log/messages (FC3)
or /var/log/audit/audit.log (FC4)?
--
Stephen Smalley <sds(a)tycho.nsa.gov>
National Security Agency