[CentOS] selinux denial of cgi script with httpd using ssl
Gregory P. Ennis
PoMec at PoMec.NetMon Sep 4 17:07:04 UTC 2017
- Previous message: [CentOS] rkhunter and prelink
- Next message: [CentOS] selinux denial of cgi script with httpd using ssl
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Everyone, I am trying to use a cgi perl script for a CentOs 7 website that works fine with selinux in permissive mode but fails with selinux in enforcing mode. The problem I have is that I can not find where the selinux error message is being recorded. It does not appear to be in the /var/log/messages or /var/log/audit/audit.log. I do not get any /var/log/httpd/ssl_error_log entries. I do get a successful entry into /var/log/httpd/ssl_access_log and ssl_request_log when selinux is in permissive mode, but not when selinux is in enforcing mode. The only place I can see that I am getting an error message is in the /var/log/httpd/error_log which is as follows : Mon Sep 04 11:40:24.216569 2017] [cgi:error] [pid 2290] [client x.x.x.x:55748] AH01215: (13)Permission denied: exec of '/var/www/cgi-bin/name.of.script.cgi' failed, referer: https://name.domain.com/ When selinux is in permissive mode the above error does not occur and the script works fine. When selinux is in enforcing mode the above error occurs, and the cgi script fails to execute. Is there a way to increase the sensitivity of selinux loging, or is there a different place to look for the error that prevents the execution of the script. Your help would be appreciated. Thanks, Greg Ennis
- Previous message: [CentOS] rkhunter and prelink
- Next message: [CentOS] selinux denial of cgi script with httpd using ssl
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list