-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ian Leonard wrote:
Hi,
I have a web app that will create xml files. It has been running for a
while now but has suddenly started giving errors as per below (I guess a
maintenance update did it).
audit(1193660948.194:421): avc: denied { write } for pid=3358
comm="eco_upload.cgi" name="2007-10.xml" dev=dm-0 ino=58753075
scontext=system_u:system_r:httpd_t:s0
tcontext=user_u:object_r:var_lib_t:s0 tclass=file
My minimal selinux knowledge has allowed me to fix the problem with the
file, but a new files is created once a month. I am guessing that next
month I will have the same problem.
I guess I need to do something to the cgi script to allow it to create
the files.
Any advice appreciated.
What directory does this file get created in?
If this directory was labeled http_sys_content_rw_t it would work.
For example if the directory was /var/lib/eco then
chcon -R -t httpd_sys_content_rw_t /var/lib/eco/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org
iD8DBQFHKhajrlYvE4MpobMRAv1BAJ9XNkwZABn6Gk0KxDE+WzFOsvmArgCcCamo
737jiAfLBSTOkI8RVXzuuug=
=Kdj/
-----END PGP SIGNATURE-----