The archive files are written to an 'archive/log' subdirectory off of /var/www/cgi-bin with the file permissions set on the archive directory to allow this behavior. My problem is that selinux won't allow it - unless selinux is in permissive mode. I created the directories as root and have run RESTORECON on 'archive' and it's children multiple times trying to remedy this situation, but I think I've actually broken other scripts now that used to work - they did the same thing! I don't remember how I got them to work a couple years back.
The more I read the Red Hat selinux docs, the more confused I get. This context stuff is light years beyond me. What do I need to do to get this all working/back working? Thank you.
Contexts for directories involved:
Code: Select all
[shopdata@wlinux ~]$ sudo ls -Z /var/www/cgi-bin/archive
drwsrwsrwx. root dbjoe system_u:object_r:httpd_sys_script_exec_t:s0 log
drwxrwsrwx. root dbjoe system_u:object_r:httpd_sys_script_exec_t:s0 shoplist
Code: Select all
[shopdata@wlinux ~]$ sudo ls -Z /var/www/cgi-bin/archive/shoplist
drwxrwsrwx. root dbjoe system_u:object_r:httpd_sys_script_exec_t:s0 error
drwxrwsrwx. root dbjoe system_u:object_r:httpd_sys_script_exec_t:s0 log
Code: Select all
[shopdata@wlinux ~]$ sudo ls -Z /var/www/cgi-bin/archive/shoplist/log
-rwxrwxrwx. apache dbjoe system_u:object_r:httpd_sys_script_exec_t:s0 20150425201359User1.html
-rwxrwxrwx. apache dbjoe system_u:object_r:httpd_sys_script_exec_t:s0 20150425201910User1.html
-rwxrwxrwx. apache dbjoe system_u:object_r:httpd_sys_script_exec_t:s0 20150426180415User1.html