restorecon didn't change ls -lZ output Can you give me the exact command for chcon? It complains there are too few arguments, and I couldn't figure it out. Does this really matter? I moved the selinux folder and its contents as well as sent an "echo 0>..." command to kill it. Furthermore, [r...@13gems global_solutions]# ps wax|grep selinux 17645 pts/0 S+ 0:00 grep selinux Please advise. V
On Sat, Nov 7, 2009 at 5:49 PM, Rami Chowdhury <rami.chowdh...@gmail.com>wrote: > > On Saturday 07 November 2009 13:51:06 Victor Subervi wrote: > > httpd.conf: > > > > <VirtualHost *:80> > > ServerAdmin m...@creative.vi > > DocumentRoot /var/www/html/angrynates.com > > ServerName angrynates.com > > Options +ExecCGI -IncludesNoExec > > <Directory /var/www/html/angrynates.com/global_solutions/*> > > You may want to change this to: > <Directory /var/www/html/angrynates.com/global_solutions> > > If you want regular expression syntax, I would advise using the syntax > <Directory ~ EXPRESSION> > or > <DirectoryMatch ~ EXPRESSION> > > > #ls -lZ > > drwxr-xr-x root root 1024 > > drwxr-xr-x root root 1132 > > drwxr-xr-x root root 1255 > [snip] > > It looks like you don't have *any* SELinux context information; if SELinux > is > on, this will cause problems. Try using the 'restorecon' command to put the > defaults in place, and consider using 'chcon' to change the security > context > to an appropriate one (I believe you want something like > 'unconfined_u:object_r:httpd_sys_content_t' for Apache content). > > > > > On Sat, Nov 7, 2009 at 4:09 PM, Rami Chowdhury > <rami.chowdh...@gmail.com>wrote: > > > On Saturday 07 November 2009 06:13:11 Victor Subervi wrote: > > > > I have a serious privileges problem that is making it impossible to > > > > serve python pages on a CentOS server. It appears that nobody on the > > > > CentOS discussion list has a solution to this problem. I'm desperate > > > > and hoping someone on this list can help. > > > > > > > > [Fri Nov 06 11:50:40 2009] [error] [client 66.248.168.98] (2)No such > > > > file or directory: exec of > > > > '/var/www/html/angrynates.com/global_solutions/index.py' failed, > > > > > > referer: > > > > http://angrynates.com/global_solutions/ > > > > [Fri Nov 06 11:50:40 2009] [error] [client 66.248.168.98] Premature > end > > > > > > of > > > > > > > script headers: index.py, referer: > > > > > > http://angrynates.com/global_solutions/ > > > > > > > Now, the file does exist: > > > > > > > > [r...@13gems global_solutions]# pwd > > > > /var/www/html/angrynates.com/global_solutions > > > > [r...@13gems global_solutions]# ls > > > > .... > > > > -rwxr-xr-x 1 victor victor 275 Nov 6 07:05 index.py > > > > .... > > > > and it serves just fine on another server, so there is no "premature > > > > end > > > > > > of > > > > > > > script headers". > > > > > > > > > > > > Here's where it gets really weird. If I copy the code for index.py > and > > > > template.py which the former calls, and create files test.py and > > > > test2.py and paste the code from the former files in those new files > > > > changing only the import statement from "template" to "test2", the > > > > tests will resolve!! Now, the ownership and mode are identical on all > > > > of them!! > > > > > > > > > > > > [r...@13gems global_solutions]# ls -al | grep test.py > > > > -rwxr-xr-x 1 root root 298 Nov 6 12:24 test.py > > > > [r...@13gems global_solutions]# ls -al | grep test2.py > > > > -rwxr-xr-x 1 root root 5716 Nov 6 12:25 test2.py > > > > [r...@13gems global_solutions]# ls -al | grep index.py > > > > -rwxr-xr-x 1 root root 316 Nov 6 07:05 index.py > > > > [r...@13gems global_solutions]# ls -al | grep template.py > > > > -rwxr-xr-x 1 root root 5806 Nov 6 07:06 template.py > > > > -rwxr-xr-x 1 root root 6093 Nov 6 07:06 template.pyc > > > > > > > > where test.py is identical to index.py (other than the necessary > > > > import) and template is identical to test2.py > > > > > > > > > > > > fixfiles relabel /var/www/html > > > > # might just work > > > > It didn't > > > > > > > > touch /.autorelabel > > > > # and then reboot will relabel all copied files to the correct > contexts > > > > > > for > > > > > > > the location > > > > I rebooted apache with no luck > > > > > > > > or you could turn off SELinux and reboot > > > > I did that and the following two solutions with no luck: > > > > echo 0 >/selinux/enforce > > > > > > > > [r...@13gems ~]# cd /etc/ > > > > [r...@13gems etc]# mv selinux/ selinux.BAK > > > > [r...@13gems etc]# mkdir selinux > > > > [r...@13gems etc]# echo 0>/selinux/enforce > > > > > > > > ...and the problem continues: > > > > [r...@13gems etc]# tail /var/log/httpd/error_log > > > > [Fri Nov 06 12:51:49 2009] [error] [client 66.248.168.98] Premature > end > > > > > > of > > > > > > > script headers: index.py, referer: > > > > > > http://angrynates.com/global_solutions/ > > > > > > > [Fri Nov 06 12:56:18 2009] [error] [client 66.248.168.98] (2)No such > > > > file or directory: exec of > > > > '/var/www/html/angrynates.com/global_solutions/index.py' failed, > > > > > > referer: > > > > http://angrynates.com/global_solutions/ > > > > [Fri Nov 06 12:56:18 2009] [error] [client 66.248.168.98] Premature > end > > > > > > of > > > > > > > script headers: index.py, referer: > > > > > > http://angrynates.com/global_solutions/ > > > > > > > [Fri Nov 06 12:56:20 2009] [error] [client 67.96.172.81] (2)No such > > > > file > > > > > > or > > > > > > > directory: exec of '/var/www/html/ > > > > > > angrynates.com/global_solutions/index.py' > > > > > > > failed > > > > [Fri Nov 06 12:56:20 2009] [error] [client 67.96.172.81] Premature > end > > > > of script headers: index.py > > > > [Fri Nov 06 13:52:15 2009] [error] [client 66.249.67.153] File does > not > > > > exist: /var/www/html/angrynates.com/robots.txt > > > > [Fri Nov 06 13:52:52 2009] [error] [client 208.84.198.58] (2)No such > > > > file or directory: exec of > > > > '/var/www/html/angrynates.com/global_solutions/index.py' failed, > > > > > > referer: > > > > http://angrynates.com/global_solutions/ > > > > [Fri Nov 06 13:52:52 2009] [error] [client 208.84.198.58] Premature > end > > > > > > of > > > > > > > script headers: index.py, referer: > > > > > > http://angrynates.com/global_solutions/ > > > > > > > [Fri Nov 06 13:52:52 2009] [error] [client 208.84.198.58] File does > not > > > > exist: /var/www/html/angrynates.com/favicon.ico > > > > [Fri Nov 06 13:52:53 2009] [error] [client 208.84.198.58] File does > not > > > > exist: /var/www/html/angrynates.com/favicon.ico > > > > [r...@13gems etc]# > > > > > > > > Please help. > > > > Victor > > > > > > Can we see the output of 'ls -lZ' and 'fixfiles check' on those > > > directories, > > > and see what the Apache (httpd.conf or .htaccess) configuration is for > > > them? > > > > > > ---- > > > Rami Chowdhury > > > "Passion is inversely proportional to the amount of real information > > > available." -- Benford's Law of Controversy > > > 408-597-7068 (US) / 07875-841-046 (UK) / 0189-245544 (BD) > > > > > ---- > Rami Chowdhury > "Strangers are just friends who haven't had enough gin." -- Howdle's Saying > 408-597-7068 (US) / 07875-841-046 (UK) / 0189-245544 (BD) >
-- http://mail.python.org/mailman/listinfo/python-list
