[CentOS] FYI: an selinux hack

Fri Jan 10 14:03:34 UTC 2014
m.roth at 5-cent.us <m.roth at 5-cent.us>

We've got a website that was written years ago, and maintained by various
people since. For some unknown reason, the original person or persons
hard-coded, in a number of scripts, for these perl CGI scripts to write to
a logfile... in the websites cgi-bin directory.

*DUH*

And the guy who was more-or-less maintaining it fixed one or two (I don't
know how, he probably hardcoded), but the rest still wrote to the same
log. No, I can't go in and fix it all.

So, to shut up selinux, I moved the logs to /var/log/httpd/website/, and
made a symlink from the cgi-bin location to there... and it worked. No
garbage from selinux.

Of *course* it's a hack, but I figured there are others out there in the
same position - aren't allowed to go fix it *right* (as in, they should
read a config file in /etc...), have to have selinux at least permissive,
and want to cut down the noise in the logs.

        mark