Apache/Perl question

John Abreau john.abreau at zuken.com
Fri Aug 19 11:20:02 EDT 2005 

On Thu, 18 Aug 2005 22:22:15 -0400
"Ronny Serrano" <RSerrano at heartsonfire.com> wrote:

> please keep the ideas coming.I saw Nathan's suggestion, but I'm not
> sure if that would help me at this point. If I'm getting these errors
> should I get basic CGI/Perl working before adding in something else?

One thing that tripped me up recently was SElinux. If your kernel is
using it, it might cause this sort of problem.

Try checking for it with "ls -Z /var/www/htm;". On an older system, ls
will complain that it doesn't recognize the "-Z" option; if this
happens, then SElinux isn't a problem, and you can ignore this message. 

If you do have SElinux running, then you should see something like 

    -rw-r--r-- root root  root:object_r:httpd_sys_content_t  index.html

The triple after the user and group is the SElinux attributes. In this
case, index.html has the SElinux attributes

    user = root
    role = object_r
    type = httpd_sys_content_t

The type is the important one here; in this case, apache wants static
html files to have type "httpd_sys_content_t".  Looking in 
/etc/selinux/targeted/contexts/files/file_contexts, I see the following
apache types:

    httpd_cache_t
    httpd_config_t
    httpd_exec_t
    httpd_helper_exec_t
    httpd_log_t
    httpd_modules_t
    httpd_squirrelmail_t
    httpd_suexec_exec_t
    httpd_sys_content_t
    httpd_sys_script_exec_t
    httpd_user_content_t
    httpd_var_lib_t
    httpd_var_run_t

I would imagine a cgi script would be either httpd_exec_t or
httpd_sys_script_exec_t. 

If your kernel is running SElinux and your perl script isn't one of
these types, you can change the type with chcon: 

    sudo chcon -t httpd_exec_t foo.pl

-- 
John Abreau
IT Manager
Zuken USA
238 Littleton Rd., Suite 100
Westford, MA 01886
T: 978-392-1777            F: 978-692-4725
M: 978-764-8934
E: John.Abreau at zuken.com  W: www.zuken.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.blu.org/pipermail/discuss/attachments/20050819/b28ff84a/attachment.sig>

More information about the Discuss mailing list