SELinux
Selinux denied access to php_exec(). I have tryed to allow it with
audit2allow -a -M httpd
and thensemodule -i httpd
but it doesn't work. audit2why shows many lines like
type=AVC msg=audit(1246431002.917:67): avc: denied { execute_no_trans } for pid=4621 comm="ldd" path="/usr/bin/mencoder" dev=hdb1 ino=24527774 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:unconfined_execmem_exec_t:s0 tclass=file
Was caused by:
Missing or disabled TE allow rule.
Allow rules may exist but be disabled by boolean settings; check boolean settings.
You can see the necessary allow rules by running audit2allow with this audit message as input.
and
type=AVC msg=audit(1246408757.234:70): avc: denied { execute_no_trans } for pid=3203 comm="ldd" path="/lib64/ld-2.5.so" dev=hdb1 ino=6127890 scontext=root:system_r:httpd_t:s0 tcontext=system_u:object_r:ld_so_t:s0 tclass=file
Was caused by:
Unknown - would be allowed by active policy
Possible mismatch between this policy and the one under which the audit message was generated.
Possible mismatch between current in-memory boolean settings vs. permanent ones.
the OS is CentOS 5.3. PHP safe_mode is Off.
howto fix that?
thanks in advance
Comments
-
The problem is solved with:
setsebool -P httpd_disable_trans on
thanks to Evolution from The IRC.0 -
Thanks a bunch. I was having the same problem with SELinux for a few weeks and didn't know what to do. My sysadmin pretty much gave up on it. I spent hours on Google trying to find a solution but no help. I didn't know that I would get the fix in this forum and that it would be so easy! Thanks so much!0
Categories
- 9.7K All Categories
- 19 LFX Mentorship
- 72 LFX Mentorship: Linux Kernel
- 438 Linux Foundation Boot Camps
- 259 Cloud Engineer Boot Camp
- 88 Advanced Cloud Engineer Boot Camp
- 40 DevOps Engineer Boot Camp
- 18 Cloud Native Developer Boot Camp
- Express Training Courses
- Express Courses - Discussion Forum
- 1.5K Training Courses
- 17 LFC110 Class Forum
- 3 LFC131 Class Forum
- 18 LFD102 Class Forum
- 112 LFD103 Class Forum
- 8 LFD121 Class Forum
- 59 LFD201 Class Forum
- 1 LFD213 Class Forum - Discontinued
- 128 LFD232 Class Forum
- 23 LFD254 Class Forum
- 526 LFD259 Class Forum
- 99 LFD272 Class Forum
- 1 LFD272-JP クラス フォーラム
- 1 LFS145 Class Forum
- 18 LFS200 Class Forum
- 736 LFS201 Class Forum
- 1 LFS201-JP クラス フォーラム
- LFS203 Class Forum
- 23 LFS207 Class Forum
- 292 LFS211 Class Forum
- 53 LFS216 Class Forum
- 41 LFS241 Class Forum
- 33 LFS242 Class Forum
- 31 LFS243 Class Forum
- 9 LFS244 Class Forum
- 27 LFS250 Class Forum
- 1 LFS250-JP クラス フォーラム
- 121 LFS253 Class Forum
- 915 LFS258 Class Forum
- 10 LFS258-JP クラス フォーラム
- 78 LFS260 Class Forum
- 122 LFS261 Class Forum
- 27 LFS262 Class Forum
- 77 LFS263 Class Forum
- 15 LFS264 Class Forum
- 10 LFS266 Class Forum
- 13 LFS267 Class Forum
- 16 LFS268 Class Forum
- 13 LFS269 Class Forum
- 190 LFS272 Class Forum
- 1 LFS272-JP クラス フォーラム
- 201 LFW211 Class Forum
- 147 LFW212 Class Forum
- 887 Hardware
- 210 Drivers
- 74 I/O Devices
- 44 Monitors
- 115 Multimedia
- 206 Networking
- 98 Printers & Scanners
- 85 Storage
- 744 Linux Distributions
- 88 Debian
- 64 Fedora
- 12 Linux Mint
- 13 Mageia
- 24 openSUSE
- 132 Red Hat Enterprise
- 33 Slackware
- 13 SUSE Enterprise
- 353 Ubuntu
- 465 Linux System Administration
- 37 Cloud Computing
- 65 Command Line/Scripting
- Github systems admin projects
- 94 Linux Security
- 77 Network Management
- 107 System Management
- 47 Web Management
- 59 Mobile Computing
- 21 Android
- 24 Development
- 1.2K New to Linux
- 1.1K Getting Started with Linux
- 523 Off Topic
- 126 Introductions
- 210 Small Talk
- 19 Study Material
- 779 Programming and Development
- 254 Kernel Development
- 491 Software Development
- 918 Software
- 255 Applications
- 181 Command Line
- 2 Compiling/Installing
- 75 Games
- 316 Installation
- 43 All In Program
- 43 All In Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)