selinux

Apache cannot make outgoing HTTP Requests using curl

随声附和 提交于 2019-12-22 00:03:25
问题 Consider the following system configurations: Fedora 27 SELinux enabled Apache/2.4.33 PHP 7.1.17 And the below code snippet that is used to issue an http request to Sphere-Engine Compilers API: $ch = curl_init('http://xxxxxxxx.compilers.sphere-engine.com/api/v4/test?access_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_TIMEOUT, 3.0); $x = curl_exec($ch); print_r($x); The above

How to debug an issue of cron's not executing a given script — or other?

人走茶凉 提交于 2019-12-21 17:36:07
问题 I have a Rails script that I would like to run daily. I know there are many approaches, and that a cron'd script/runner approach is frowned upon by some, but it seems to meet my needs. However, my script is not getting executed as scheduled. My application lives at /data/myapp/current , and the script is in script/myscript.rb . I can run it manually without problem as root with: /data/myapp/current/script/runner -e production /data/myapp/current/script/myscript.rb When I do that, the special

Disabling SELinux in Android 5.0.1

眉间皱痕 提交于 2019-12-21 02:49:05
问题 I am trying to identify the configuration file where SELinux is set to Enforcing mode in Android Framework. Please do not reply just saying adb shell su 0 setenforce permissive I need the system to boot in permissive mode or have SELinux completely disabled at boot time. Thanks 回答1: There are two ways that enforcing mode is set. On user builds, it will always be in enforcing. On eng or userdebug, you can control it. You can control it in the standard selinux way, by setting enforcing=1/0 on

CentOS7中关闭selinux

孤街浪徒 提交于 2019-12-20 22:55:07
在安装Cobbler和Puppet时需要关闭selinux,但是通常情况下载安装完CentOS7后,默认情况下SElinux是启用状态, 如下所示: [csharp] view plaincopy [root@rdo ~]# sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28 1、如果要临时关闭,可以执行 [cpp] view plaincopy setenforce 0 此时的状态如下 [html] view plaincopy [root@rdo ~]# sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded

SELinux influences "failed to open stream: Permission denied” PHP error

与世无争的帅哥 提交于 2019-12-19 03:24:19
问题 Yesterday I've spent 5 hours straight discovering a seemingly unreasonable error "failed to open stream. permission denied", which was occuring after any operations of writing to file system: fopen (with "w" and "a" flags), move_uploaded_file, file_put_contents. I've rechecked many times directories owner (user and group - chown, chgrp), have change folder attributes to unsecure 777 (rwx with chmod ), but it has no effect. I even reinstalled an Apache and PHP, but still was facing the same

Configuring SELinux permissions on (SVS-V) IPC Semaphores

时光怂恿深爱的人放手 提交于 2019-12-18 14:54:41
问题 I have a bunch of programs which use IPC Semaphores to interact (semget). One of the programs is an Apache module, which runs in (some sort of) restricted SELinux context (which I don't understand too well). The module is capable of interacting with any regular files correctly, if of-course the files have their SELinux security context set appropriately. However - when my (Module) goes to access the IPC Semaphore, the semget call fails with a EPERM. When SELinux is turned off, I don't get

Connect DATABASE Error TYPE: 2002: Permission denied

余生颓废 提交于 2019-12-18 06:14:15
问题 I am trying to connect the database with the following script(cxn-test.php) <?php $host = '155.30.136.20';//dummy ip $user = 'abc_user'; $pass = 'xxxxxxxxx'; $dbname = 'welcome'; $link = mysqli_connect($host, $user, $pass,$dbname); if (!$link) { echo "Error: Unable to connect to MySQL." . PHP_EOL; echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL; echo "Debugging error: " . mysqli_connect_error() . PHP_EOL; exit; }else { echo "success" . PHP_EOL; } When I am trying on the terminal

9.系统安全 防火墙

两盒软妹~` 提交于 2019-12-18 01:03:44
一.系统安全保护 SELinux概述 • Security-Enhanced Linux – 集成到Linux内核(2.6及以上)中运行 – RHEL7基于SELinux体系针对用户、进程、目录和文件 提供了预设的保护策略,以及管理工具 SELinux运行模式的切换 • SELinux的运行模式 – enforcing(强制)、permissive(宽松) – disabled(彻底禁用) 任何模式进入到disabled(彻底禁用),都要经历重起系统 • 切换运行模式 – 临时切换:setenforce 1|0 – 固定配置:/etc/selinux/config 文件 #下一次开机生效 – 查看当前运行模式:getenforce 虚拟机server: 1.当前临时修改 [ root@server0 ~ ] # getenforce #查看SELinux状态 [ root@server0 ~ ] # setenforce 0 #修改SELinux状态 [ root@server0 ~ ] # getenforce 2.固定配置 [ root@server0 ~ ] # vim /etc/selinux/config SELINUX = permissive 虚拟机desktop: 1.当前临时修改 [ root@desktop0 ~ ] # getenforce [ root

Attempt to write a readonly database - Django w/ SELinux error

…衆ロ難τιáo~ 提交于 2019-12-17 17:37:15
问题 I have a CentOS server on which I have Apache, Django, Django CMS and mod_wsgi. My Django project files are stored in the /srv directory and I have SELinux turned on for security reasons. I've managed to successfully integrate Django-CMS into Django and when I visit the local IP, I see my pages. However, when I try to visit /admin (where I can start making use of the CMS functionality), I get DatabaseError at /admin/ attempt to write a readonly database . Okay. So, since I have a .sqlite file

mod_wsgi: ImportError: No module named 'encodings'

家住魔仙堡 提交于 2019-12-17 16:19:19
问题 I'm using Apache 2.2.15 on CentOS 6.5. I'm trying to set up a Django app using mod_wsgi. I'm using a virtual environment, and mod_wsgi was configured with --with-python=/path/to/virtualenv/bin/python3.4 . I've added this to my httpd.conf : WSGIPythonPath /srv/myproject:/path/to/virtualenv/lib/python3.4/site-packages WSGIPythonHome /path/to/virtualenv <VirtualHost *:80> WSGIScriptAlias / /srv/myproject/myproject/wsgi.py ... </VirtualHost> In wsgi.py , I added sys.path.insert(1, "/path/to
订阅 selinux