FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

LinkBack Thread Tools
Old 12-14-2007, 02:07 PM
Mark Knoop
Default Python httpd permission denied

I am running a python script as Apache CGI in
~/www/sitename/python/index.py. All was working fine in F7 and F8 until
selinux-policy-3.0.8-58 arrived in updates. I've only now had time to
look at this and am not sure what the problem might be.

Apache error log reads:
[error] [client] python: can't open file
'/home/user/www/sitename/python/index.py': [Errno 13] Permission denied

setroubleshoot: #012 SELinux is preventing the python from using
potentially mislabeled files <Unknown> (user_home_dir_t).#012 For
complete SELinux messages. run sealert -l

The script is labelled user_ubject_r:httpd_sys_content_t, I've also
tried httpd_sys_script_exec_t but get the same error.

Labelling as httpd_unconfined_script_exec_t DOES work, as do other
(non-CGI) pages. There don't seem to be any changes in the changelogs
for -57 and -58 which would affect this... any ideas?

* Fri Nov 16 2007 Dan Walsh <dwalsh@redhat.com> 3.0.8-58
- Allow nmbd to list inotifyfs_t
- Dontaudit consolekit access to user homedir
- dontaudit nscd getserv and shmemserv
- Allow rsync_t dac overrides
- Allow xfs_t to listen to sockets

* Fri Nov 16 2007 Dan Walsh <dwalsh@redhat.com> 3.0.8-57
- Allow lvm to search mnt
- Add booleans for xguest account

Mark Knoop

fedora-selinux-list mailing list

Thread Tools

All times are GMT. The time now is 10:17 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org