On Tuesday 17 July 2012 11:12:32 Ole Holm Nielsen wrote: > > I've found out that you can view the SELinux messages by "sealert -a > /var/log/audit/audit.log".
Yes, I haven't had to deal with this for a while, but the audit log will tell you when things go wrong for no apparent reason, such as a user getting a "permission denied" error when they clearly have sufficient normal permissions. > This gave the following interesting information: > > SELinux is preventing /usr/sbin/httpd from execute access on the file > > /var/www/wiki/cgi-bin/moin.cgi. > > > > ***** Plugin restorecon (93.9 confidence) suggests > > ************************* > > > > If you want to fix the label. > > /var/www/wiki/cgi-bin/moin.cgi default label should be > > httpd_unconfined_script_exec_t. Then you can run restorecon. > > Do > > # /sbin/restorecon -v /var/www/wiki/cgi-bin/moin.cgi > > So that would seem to settle the question about moin.cgi contexts, right? I guess so. It's possible that my installation is a bit different as I wasn't the person who set up Apache, but httpd_sys_content_t works for me. Paul P.S. The classic "not working when it should" situation is where you get a "bad interpreter" error or something similar for no apparent reason when running a Python program that has all the appropriate permissions. That's when you should check to see if the filesystem is mounted with the noexec flag - a *really* annoying situation! ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Moin-user mailing list Moin-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/moin-user
