Linux - Will be the death of me

A place For General Chit Chat Etc
User avatar
Tazzi
Posts: 3422
Joined: Thu May 17, 2012 8:53 pm
cars: VE SS Ute
Location: WA
Contact:

Re: Linux - Will be the death of me

Post by Tazzi »

Will do Ant. Will post once back home
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726
Image
User avatar
Tazzi
Posts: 3422
Joined: Thu May 17, 2012 8:53 pm
cars: VE SS Ute
Location: WA
Contact:

Re: Linux - Will be the death of me

Post by Tazzi »

antus wrote:do an ls -aZ <file> on the file and post up the results. it'll either be normal ownership problems, or selinux permissions if you compiled it somewhere else and moved it. If its the first case its a regular misconfiguration, if its the second case the OS is trying to protect you from arbitrary execution through wordpress.
Right so, I get the following back:

# ls -aZ hello
-rwxrwxrwx. TempUser TempUser system_u:object_r:httpd_sys_content_t:s0 hello
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726
Image
User avatar
Tazzi
Posts: 3422
Joined: Thu May 17, 2012 8:53 pm
cars: VE SS Ute
Location: WA
Contact:

Re: Linux - Will be the death of me

Post by Tazzi »

Spot on Ant. I just temporarily disabled selinux permissions and it seems to have solved the problem
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726
Image
User avatar
Tazzi
Posts: 3422
Joined: Thu May 17, 2012 8:53 pm
cars: VE SS Ute
Location: WA
Contact:

Re: Linux - Will be the death of me

Post by Tazzi »

Now to find a solution to allow only that application to run without those permissions rather than the entire system.
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726
Image
User avatar
Tazzi
Posts: 3422
Joined: Thu May 17, 2012 8:53 pm
cars: VE SS Ute
Location: WA
Contact:

Re: Linux - Will be the death of me

Post by Tazzi »

Well, to temporarily disable, using this command works: setenforce 0

Quite an indepth topic with selinux.

From what Iv read, part of what I need is to set the selinux permissions to allow the httpd service access for read/write to a directory/file using: chcon -Rv --type=httpd_sys_rw_content_t /var/www/html/.../directory

Makes sense.. but still doesnt allow executing the application with selinux enabled.... further reading needed...

Running the above does however solve my wordpress issue where I was unable to update/save files correctly.
Last edited by Tazzi on Sat Jul 21, 2018 8:03 pm, edited 1 time in total.
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726
Image
User avatar
Tazzi
Posts: 3422
Joined: Thu May 17, 2012 8:53 pm
cars: VE SS Ute
Location: WA
Contact:

Re: Linux - Will be the death of me

Post by Tazzi »

Oh, there we go.
This has solved it: chcon system_u:object_r:httpd_exec_t:s0 [filename]

I reset all the selinux permissions back to standard, and only running the above on the linux app allows it to execute :thumbup:

Hopefully that saga may help someone else.!

Time to move back to that SDcard dilemma..
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726
Image
Post Reply