| Server IP : 172.24.0.40 / Your IP : 216.73.216.10 Web Server : Apache System : Linux dbweb26.ust.edu.ph 4.18.0-513.5.1.el8_9.x86_64 #1 SMP Fri Sep 29 05:21:10 EDT 2023 x86_64 User : apache ( 48) PHP Version : 8.2.18 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/share/setroubleshoot/plugins/__pycache__/ |
Upload File : |
3
�wTau
������������������@���sD���d�dl�Z�e�jddd�Zej�Zd�dlZd�dlmZ�G�dd��de�ZdS�)�����Nzsetroubleshoot-pluginsT)Zfallback)�Pluginc���������������@���sL���e�Zd�Zed�Zed�Zed�ZdZed�Zed�Z dZ
dd ��Z
d
d
��Z
d
S�)
�pluginz?
SELinux prevented httpd $ACCESS access to http files.
aZ��
SELinux prevented httpd $ACCESS access to http files.
Ordinarily httpd is allowed full access to all files labeled with http file
context. This machine has a tightened security policy with the $BOOLEAN
turned off, this requires explicit labeling of all files. If a file is
a cgi script it needs to be labeled with httpd_TYPE_script_exec_t in order
to be executed. If it is read only content, it needs to be labeled
httpd_TYPE_content_t. If it is writable content, it needs to be labeled
httpd_TYPE_script_rw_t or httpd_TYPE_script_ra_t. You can use the
chcon command to change these context. Please refer to the man page
"man httpd_selinux" or
<a href="http://fedora.redhat.com/docs/selinux-apache-fc3">FAQ</a>
"TYPE" refers to one of "sys", "user" or "staff" or potentially other
script types.
zg
Changing the "$BOOLEAN" boolean to true will allow this access:
"setsebool -P $BOOLEAN=1"
zsetsebool -P $BOOLEAN=1zcIf you want to allow httpd to execute cgi scripts and to unify HTTPD handling of all content files.z_you must tell SELinux about this by enabling the 'httpd_unified' and 'http_enable_cgi' booleansz1# setsebool -P httpd_unified=1 httpd_enable_cgi=1c�������������C���s���t�j|�t��|�jd��d�S�)N����)r����__init__�__name__Z
set_priority)�self��r����2/usr/share/setroubleshoot/plugins/httpd_unified.pyr���=���s����
zplugin.__init__c�������������C���sL���|j�d�rH|jd�rH|jdks(|jdkrHtjd�
�rHtjd�
�rH|�j��S�d�S�)Nzhttpd_t httpd_.*_script_tz httpd_.*t�file�dirZ
httpd_unifiedZhttpd_enable_cgi)Zmatches_source_typesZmatches_target_typesZtclass�selinuxZsecurity_get_boolean_activeZreport)r���Zavcr���r���r ����analyzeA���s����
zplugin.analyzeN)
r����
__module__�
__qualname__�_ZsummaryZproblem_descriptionZfix_descriptionZfix_cmdZif_textZ then_textZdo_textr���r
���r���r���r���r ���r���
���s���r���)�gettextZ
translationr���r
���Zsetroubleshoot.Pluginr���r���r���r���r���r ����<module>���s
���