[rt-users] Rt and SeLinux

2007-03-20 Thread bijayant kumar 
Hello to all,
 I am trying to configure Rt-3.6.1 on my CentOs server with 
SeLinux feature enabled. Everything goes well, but when i try to open RT on web 
browser it gives me an error. I can not disable selinux feature, because it is 
not in the company policy. So, i have to configure it with selinux. I have seen 
in mailing list Archives that one gentleman has configured it in his Fedora-3. 
So, i am requesting to that gentleman and to the whole members that please help 
me. I will be very thankful to you all for the same. 

I am giving my errors for the initial troubleshooting, hope it helps :

# tail -f /var/log/httpd/error_log

[Tue Mar 20 03:55:05 2007] [error] Cannot write to '/opt/rt3/var/log/rt.log': 
Permission denied at /usr/lib/perl5/site_perl/5.8.5/Log/Dispatch/File.pm line 
86.\n


#tail -f /var/log/messages

Mar 20 03:54:37 cs4 kernel: audit(1174380877.908:4213): avc:  denied  { search 
} for  pid=1797 comm=httpd name=rt-3.6.1 dev=hda3 ino=5571946 
scontext=root:system_r:httpd_t tcontext=user_u:object_r:user_home_t tclass=dir

Mar 20 03:54:37 cs4 kernel: audit(1174380877.908:4214): avc:  denied  { search 
} for  pid=1797 comm=httpd name=rt-3.6.1 dev=hda3 ino=5571946 
scontext=root:system_r:httpd_t tcontext=user_u:object_r:user_home_t tclass=dir

Mar 20 03:54:38 cs4 kernel: audit(1174380878.135:4215): avc:  denied  { search 
} for  pid=1797 comm=httpd name=rt-3.6.1 dev=hda3 ino=5571946 
scontext=root:system_r:httpd_t tcontext=user_u:object_r:user_home_t tclass=dir

Mar 20 03:54:38 cs4 kernel: audit(1174380878.135:4216): avc:  denied  { search 
} for  pid=1797 comm=httpd name=rt-3.6.1 dev=hda3 ino=5571946 
scontext=root:system_r:httpd_t tcontext=user_u:object_r:user_home_t tclass=dir

Mar 20 03:54:38 cs4 kernel: audit(1174380878.136:4217): avc:  denied  { search 
} for  pid=1797 comm=httpd name=rt-3.6.1 dev=hda3 ino=5571946 
scontext=root:system_r:httpd_t tcontext=user_u:object_r:user_home_t tclass=dir

Mar 20 03:54:38 cs4 kernel: audit(1174380878.136:4218): avc:  denied  { search 
} for  pid=1797 comm=httpd name=rt-3.6.1 dev=hda3 ino=5571946 
scontext=root:system_r:httpd_t tcontext=user_u:object_r:user_home_t tclass=dir

I think this is an issue of selinux, because whole RT directory is in  777  
mode.
Any help can resolve my problem in great deal. So, please help me.


Bijayant Kumar
 Send instant messages to your online friends http://uk.messenger.yahoo.com ___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]


Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
Buy a copy at http://rtbook.bestpractical.com

Re: [rt-users] Rt and SeLinux

2007-03-20 Thread Toby Darling 

Hi


Hello to all, I am trying to configure Rt-3.6.1 on my CentOs server
with SeLinux feature enabled. 


You probably want to investigate audit2allow :
http://www.linuxcommand.org/man_pages/audit2allow1.html
___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]


Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
Buy a copy at http://rtbook.bestpractical.com

Re: [rt-users] Rt and SeLinux

2007-03-20 Thread chaim rieger 

Toby Darling wrote:

Hi


Hello to all, I am trying to configure Rt-3.6.1 on my CentOs server
with SeLinux feature enabled. 


You probably want to investigate audit2allow :
http://www.linuxcommand.org/man_pages/audit2allow1.html
___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]


Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
Buy a copy at http://rtbook.bestpractical.com



i would also look at
*chcon -t httpd_sys_content_t public_html
this command is for allowing html pages to be served via apache when 
seliux is enabled, play around with it to allow your log files to be 
created/read.

*

--
--
Chaim Rieger

___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]


Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
Buy a copy at http://rtbook.bestpractical.com