Which permission to execute a script?
Bruno Wolff III
bruno at wolff.to
Mon Nov 17 15:16:07 UTC 2008
On Mon, Nov 17, 2008 at 09:33:50 -0500,
Daniel J Walsh <dwalsh at redhat.com> wrote:
>
> Bruno Wolff III wrote:
> > I was making a modified version of the guest policy that needed to be able
> > to edit and run some perl scripts that also are visible to the web server.
> > I used the manage_files macro and allowed execute, but I can't run the
> > script directly. But I can run it via perl.
> >
> > For example:
> >
> > [tomarndt at wolff area]$ ./newcheck.pl
> > -bash: ./newcheck.pl: /usr/bin/perl: bad interpreter: Permission denied
>
> getsebool -a | grep xgues
> allow_xguest_exec_content --> off
>
> xguest is not allowed by default to execute anything in its home dir.
> Turning on this boolean should allow it.
I tried this and it didn't work. I think there is something else going on
though, as I got a different error before I added:
allow tom_t httpd_sys_script_exec_t:file execute;
I think that running a shell script needs something else, but I don't know
what.
More information about the selinux
mailing list