No clue why I'm getting this AVC
m.roth at 5-cent.us
m.roth at 5-cent.us
Tue Apr 1 18:27:03 UTC 2014
CentOS 6.5, current.
ll -aZ /.../apps/trac/<proj>/cgi-bin/
drwxr-xr-x. apache root system:object_r:httpd_sys_script_exec_t:s0 .
drwxr-xr-x. apache root system:object_r:httpd_sys_content_t:s0 ..
-rwxr-xr-x. apache root system:object_r:httpd_sys_script_exec_t:s0 trac.cgi
-rwxr-xr-x. apache root system:object_r:httpd_sys_script_exec_t:s0 trac.fcgi
-rwxr-xr-x. apache root system:object_r:httpd_sys_script_exec_t:s0 trac.wsgi
httpd_enable_cgi --> on
Name : selinux-policy-targeted
Version : 3.7.19
Release : 231.el6
>From the sealert:
SELinux is preventing /usr/bin/python from ioctl access on the file
/public/apps/trac/PLT/cgi-bin/trac.cgi.
***** Plugin restorecon (94.8 confidence) suggests
*************************
If you want to fix the label.
/<...>/apps/trac/<...>/cgi-bin/trac.cgi default label should be
httpd_sys_script_exec_t.
Then you can run restorecon.
Do
# /sbin/restorecon -v /public/apps/trac/PLT/cgi-bin/trac.cgi
mark
More information about the selinux
mailing list