search for: httpd_enable_cgi

I'm trying to get perl CGI programs to work from the cgi-bin (actually a sub-directory cgi-bin/various) and have set appropriate permissions using chmod 755. I'm currently testing using the simplest cgi program, you know the one: #!/usr/bin/perl # howdy--the easiest of CGI programs use CGI; print <<END_of_Multiline_Text; Content-type: text/html <HTML> <HEAD>

I am running xapian and omega on a Centos 6.4 SELinux enabled box. When I do a search I get the following message: Exception: Couldn't read format template `query' (Permission denied) If I disable SELinux the search executes correctly. I have enabled the httpd_enable_cgi boolean but that still does not allow the permissions needed. What else do I need to configure in SELinux for xapian and omega to work? Thanks

...n_write', 'cvs_data', 'allow_ftpd_anon_write', 'device', 'catchall_boolean', 'automount_exec_config', 'leaks', 'setenforce', 'ftpd_is_daemon', 'allow_zebra_write_config', 'firefox', 'nfs_export_all_ro', 'httpd_enable_cgi', 'httpd_tty_comm', 'public_content', 'ftp_home_dir', 'prelink_mislabled', 'allow_execstack', 'spamd_enable_home_dirs', 'sshd_root', 'samba_share_nfs', 'httpd_builtin_scripting', 'allow_ftpd_full_access', 'defau...

...:system_r:httpd_suexec_t tcontext=system_u:object_r:usr_t tclass=lnk_file %-------------------------- This is independent of the script being perl or sh, and despite the errors the cgi executes correctly. 'sestatus' reports: httpd_builtin_scripting active httpd_disable_trans inactive httpd_enable_cgi active httpd_enable_homedirs inactive httpd_ssi_exec inactive httpd_tty_comm inactive httpd_unified inactive Either httpd_ssi_exec or httpd_unified have made no difference in those errors. When I deactivate mod_suexec and comment SuexecUserGroup in Apache conf...

SELinux appears to be interfering with winbind's functionality. I have the lastest policy package installed: selinux-policy-targeted-1.17.30-2.149 which allegedly solves this problem according to the RedHat knowledge base, but clearly does not. I have to turn off SELinux by using setenforce 0 (permissive) to get winbind to work at all, and based on what I see in the log files,

...f allow_httpd_squid_script_anon_write --> off allow_httpd_sys_script_anon_write --> off httpd_builtin_scripting --> on httpd_can_network_connect --> off httpd_can_network_connect_db --> off httpd_can_network_relay --> off httpd_can_sendmail --> on httpd_disable_trans --> off httpd_enable_cgi --> on httpd_enable_ftp_server --> off httpd_enable_homedirs --> on httpd_read_user_content --> off httpd_rotatelogs_disable_trans --> off httpd_ssi_exec --> off httpd_suexec_disable_trans --> off httpd_tty_comm --> on httpd_unified --> on httpd_use_cifs --> off httpd_...

Thanks for your help. I did pick up an additional entry in the audit file : type=AVC msg=audit(1504561395.709:10196): avc: denied { execute } for pid=19163 comm="/usr/sbin/httpd" name="s.check.cgi" dev="dm-0" ino=537182029 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file Unfortunately, I am not sure how the