Hi, I have a php software installed on a centos server with selinux enforced activeted. The php software (glpi --> http://www.glpi-project.org) have a plugin that must write on a temp dir... but selinux dont give access to that dir to write. How should i do ? lewis
On 21/10/10 11:57, admin lewis wrote:> Hi, > I have a php software installed on a centos server with selinux > enforced activeted. > The php software (glpi --> http://www.glpi-project.org) have a plugin > that must write on a temp dir... but selinux dont give access to that > dir to write. > How should i do ? > lewisTake a look at the "Troubleshooting" section of the SELinux guide on the Wiki: http://wiki.centos.org/HowTos/SELinux#head-02c04b0b030dd3c3d58bb7acbbcff033505dd3af
> How should i do ?You probably need to use chcon to change the SELinux context of the temp directory to httpd_sys_content_t (or something like httpd_<specific>_script_rw_t). In order to troubleshoot: - switch SELinux to permissive mode - perform your actions (they should now work, and the SELinux issues will be written in the audit log) - run sealert -a on the /var/log/audit/audit.log file, it will give you hint on how to fix it