selinux and oracle instantclient
Arian
armyofda12mnkeys at gmail.com
Tue Mar 30 14:17:13 UTC 2010
Hello all,
I am using Oracle 11.2 instant client on CentOS (which i heard is based a
version of Fedora/RedHat), and I was trying to use php's PDO and oci8
modules to test connections to Oracle.
I had originally gotten a php error about pdo_oci.so/oci8.so data execution
on a dynamic link library, libclsh. I asked selinux boards and they said to
try 'setsebool -P allow_execstack on'... I think after that change, i still
had issues, so they suggested to turn it off temporarily to see if it
works...
So I went into /etc/sysconfig/selinux and set:
SELINUX=disabled
and my script connected and read some rows from the oracle db.
Im not sure if anyone has had issues with oracle client to work with
selinux, without turning it off.
I saw a blog stating to run these, but i have no idea if it will work for my
version of oracle, or what it does:
"tail -f /var/log/audit/audit.log | tee oracle.log
audit2allow -M oracle < oracle.log
semodule -i oracle.pp"
Thanks!,
Ari
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/selinux/attachments/20100330/bb479fcf/attachment.html
More information about the selinux
mailing list