At 02:14 PM 2/11/2008 -0500, Joshua Slive wrote:
On Feb 11, 2008 1:38 PM, Bennett Haselton <[EMAIL PROTECTED]> wrote:
> I am trying to run a CGI script that can open /var/log/httpd/access_log
for
> reading and parse some data from it. (This is on a dedicated machine.)
>
> The file /var/log/httpd/access_log is owned by root, but that's not the
> problem. I have other files owned by root that are in the
/var/www/html
> directory and CGI scripts can read those with no problem (because they
are
> world-*readable*, just like /var/log/httpd/access_log is). The problem
is
> that apparently CGI scripts cannot open any files for reading that are
> located outside of /var/www .
There is no setting in the default apache install that could impose
that restriction. Are you running SELinux perhaps? Have you tried
"setenforce 0" to see if the issue goes away?
It does, but unfortunately after the server is rebooted, the effect of
doing "setenforce 0" is lost (i.e. setuid scripts no longer run as setuid),
and I have to do it again if I want setuid to work again.
Is there any way I can make the effect of "setenforce 0" permanent? I
could put it into a startup script or something, but that seems like a
hacky solution compared to actually changing the system setting.
-Bennett
[EMAIL PROTECTED] http://www.peacefire.org
(425) 497 9002
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
