On 07/17/2012 09:12 AM, Ole Holm Nielsen wrote: >>> SOLUTION: >>> setsebool -P httpd_enable_cgi=on >>> chcon -t httpd_unconfined_script_exec_t /.../cgi-bin/moin.cgi >> >> I'm not sure about the setsebool option, although I didn't set up Apache in >> my >> environment that uses SELinux, but I found that I needed to give my CGI >> script the httpd_sys_content_t type.
I've found out that you can view the SELinux messages by "sealert -a /var/log/audit/audit.log". This gave the following interesting information: > SELinux is preventing /usr/sbin/httpd from execute access on the file > /var/www/wiki/cgi-bin/moin.cgi. > > ***** Plugin restorecon (93.9 confidence) suggests ************************* > > If you want to fix the label. > /var/www/wiki/cgi-bin/moin.cgi default label should be > httpd_unconfined_script_exec_t. > Then you can run restorecon. > Do > # /sbin/restorecon -v /var/www/wiki/cgi-bin/moin.cgi So that would seem to settle the question about moin.cgi contexts, right? Regards, Ole ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Moin-user mailing list Moin-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/moin-user
