Hi all,
I am attempting to upgrade the GAM tool to the lastest 4.03 version.
I have downloaded the binaries and installed them successfully. I can run GAM from the command line. However, I also have some Perl scripts that run from the web for our help desk. When trying to run the scripts I receive SElinux issues such as
type=AVC msg=audit(1479745546.155:49509): avc: denied { execute } for pid=8878 comm="gam" path="/tmp/_MEI5NxIyW/libz.so.1" dev=dm-0 ino=540459 scontext=system_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=file
type=SYSCALL msg=audit(1479745546.155:49509): arch=c000003e syscall=9 success=no exit=-13 a0=380fc00000 a1=215210 a2=5 a3=802 items=0 ppid=8877 pid=8878 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="gam" exe="/usr/local/gam-4.03/gam" subj=system_u:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC msg=audit(1479745546.172:49510): avc: denied { write } for pid=8879 comm="python" name="abrt.socket" dev=dm-0 ino=262185 scontext=system_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:object_r:abrt_var_run_t:s0 tclass=sock_file
type=SYSCALL msg=audit(1479745546.172:49510): arch=c000003e syscall=42 success=no exit=-13 a0=4 a1=7ffff8264040 a2=1b a3=7ffff8263d68 items=0 ppid=8875 pid=8879 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="python" exe="/usr/bin/python" subj=system_u:system_r:httpd_sys_script_t:s0 key=(null)
I need to run with SELinux on this server! I have looked at the SElinux boolean httpd_tmp_exec and updated it to allow but am still receiving the error. Has anyone seen this behavior and/or have a solution?
Thanks much,
Kathy