I have a apache server running with php pages, i want to run bash scripts with.
Everything worked great till i wanted to have SSL module, now SELinux gives me one error with one comand in my script ( sudo -u steam /home/steam/webstartark.sh )
in the log off my script i have that: " sudo: unable to change to sudoers gid: Operation not permitted "
in the /var/log/messages i have this:
- Apr 23 02:02:40 centos setroubleshoot: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 3f1d0867-3f65-437c-94c1-3c58a550fa3d
Apr 23 02:02:40 centos python: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that ps should be allowed getattr access on the <pid> directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'ps' --raw | audit2allow -M my-ps#012# semodule -i my-ps.pp#012
Apr 23 02:02:40 centos setroubleshoot: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 3f1d0867-3f65-437c-94c1-3c58a550fa3d
Apr 23 02:02:40 centos python: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that ps should be allowed getattr access on the <pid> directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'ps' --raw | audit2allow -M my-ps#012# semodule -i my-ps.pp#012
Apr 23 02:02:40 centos setroubleshoot: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 3f1d0867-3f65-437c-94c1-3c58a550fa3d
Apr 23 02:02:40 centos python: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that ps should be allowed getattr access on the <pid> directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'ps' --raw | audit2allow -M my-ps#012# semodule -i my-ps.pp#012
Apr 23 02:02:40 centos setroubleshoot: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 3f1d0867-3f65-437c-94c1-3c58a550fa3d
Apr 23 02:02:40 centos python: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that ps should be allowed getattr access on the <pid> directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'ps' --raw | audit2allow -M my-ps#012# semodule -i my-ps.pp#012
Apr 23 02:02:41 centos setroubleshoot: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 3f1d0867-3f65-437c-94c1-3c58a550fa3d
Apr 23 02:02:41 centos python: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that ps should be allowed getattr access on the <pid> directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'ps' --raw | audit2allow -M my-ps#012# semodule -i my-ps.pp#012
Apr 23 02:02:41 centos setroubleshoot: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 3f1d0867-3f65-437c-94c1-3c58a550fa3d
Apr 23 02:02:41 centos python: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that ps should be allowed getattr access on the <pid> directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'ps' --raw | audit2allow -M my-ps#012# semodule -i my-ps.pp#012
Apr 23 02:02:41 centos setroubleshoot: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 3f1d0867-3f65-437c-94c1-3c58a550fa3d
Apr 23 02:02:41 centos python: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that ps should be allowed getattr access on the <pid> directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'ps' --raw | audit2allow -M my-ps#012# semodule -i my-ps.pp#012
Apr 23 02:02:41 centos setroubleshoot: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 3f1d0867-3f65-437c-94c1-3c58a550fa3d
Apr 23 02:02:41 centos python: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that ps should be allowed getattr access on the <pid> directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'ps' --raw | audit2allow -M my-ps#012# semodule -i my-ps.pp#012
Apr 23 02:02:42 centos setroubleshoot: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 3f1d0867-3f65-437c-94c1-3c58a550fa3d
Apr 23 02:02:42 centos python: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that ps should be allowed getattr access on the <pid> directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'ps' --raw | audit2allow -M my-ps#012# semodule -i my-ps.pp#012
Apr 23 02:02:42 centos setroubleshoot: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 3f1d0867-3f65-437c-94c1-3c58a550fa3d
Apr 23 02:02:42 centos python: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that ps should be allowed getattr access on the <pid> directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'ps' --raw | audit2allow -M my-ps#012# semodule -i my-ps.pp#012
Apr 23 02:02:42 centos setroubleshoot: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 3f1d0867-3f65-437c-94c1-3c58a550fa3d
Apr 23 02:02:42 centos python: SELinux is preventing /usr/bin/ps from getattr access on the directory /proc/<pid>.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that ps should be allowed getattr access on the <pid> directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'ps' --raw | audit2allow -M my-ps#012# semodule -i my-ps.pp#012
when i set SELinux to permissive it works great with my web pages.
Can anyone help me?
Thanks