pcmhacking.net

Will do Ant. Will post once back home

antus wrote:do an ls -aZ <file> on the file and post up the results. it'll either be normal ownership problems, or selinux permissions if you compiled it somewhere else and moved it. If its the first case its a regular misconfiguration, if its the second case the OS is trying to protect you from arbitrary execution through wordpress.

Right so, I get the following back:

# ls -aZ hello
-rwxrwxrwx. TempUser TempUser system_u:object_r:httpd_sys_content_t:s0 hello

Spot on Ant. I just temporarily disabled selinux permissions and it seems to have solved the problem

Now to find a solution to allow only that application to run without those permissions rather than the entire system.

Well, to temporarily disable, using this command works: setenforce 0

Quite an indepth topic with selinux.

From what Iv read, part of what I need is to set the selinux permissions to allow the httpd service access for read/write to a directory/file using: chcon -Rv --type=httpd_sys_rw_content_t /var/www/html/.../directory

Makes sense.. but still doesnt allow executing the application with selinux enabled.... further reading needed...

Running the above does however solve my wordpress issue where I was unable to update/save files correctly.

Oh, there we go.
This has solved it: chcon system_u:object_r:httpd_exec_t:s0 [filename]

I reset all the selinux permissions back to standard, and only running the above on the linux app allows it to execute

Hopefully that saga may help someone else.!

Time to move back to that SDcard dilemma..