I cannot upload files via php (selinux=enabled;policy=targeted). php shows this error: *Warning*: File upload error - unable to create a temporary file in *Unknown* on line *0 *And in dmesg I found this error: audit(1100940427.918:0): avc: denied { write } for pid=9202 exe=/usr/sbin/httpd name=tmp dev=hda3 ino=24 scontext=root:system_r:httpd_t tcontext=root:object_r:root_t tclass=dir
On Sat, 2004-11-20 at 09:51 +0100, dragoran wrote:
I cannot upload files via php (selinux=enabled;policy=targeted). php shows this error: *Warning*: File upload error - unable to create a temporary file in *Unknown* on line *0 *And in dmesg I found this error: audit(1100940427.918:0): avc: denied { write } for pid=9202 exe=/usr/sbin/httpd name=tmp dev=hda3 ino=24 scontext=root:system_r:httpd_t tcontext=root:object_r:root_t tclass=dir
Do you have /tmp on a separate filesystem? What does: ls -Z /tmp show?
Colin Walters schrieb:
On Sat, 2004-11-20 at 09:51 +0100, dragoran wrote:
I cannot upload files via php (selinux=enabled;policy=targeted). php shows this error: *Warning*: File upload error - unable to create a temporary file in *Unknown* on line *0 *And in dmesg I found this error: audit(1100940427.918:0): avc: denied { write } for pid=9202 exe=/usr/sbin/httpd name=tmp dev=hda3 ino=24 scontext=root:system_r:httpd_t tcontext=root:object_r:root_t tclass=dir
Do you have /tmp on a separate filesystem? What does: ls -Z /tmp show?
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-selinux-list
/tmp is on the root filesystem... ls -Z /tmp shows this: ------------------------------------------------------------------------------------------------ -rw-rw-r-- dragoran dragoran user_u:object_r:root_t Acro8ip1Sz drwx------ dragoran dragoran user_u:object_r:root_t gconfd-dragoran drwx------ root root root:object_r:root_t gconfd-root drwxr-xr-x dragoran dragoran user_u:object_r:root_t hsperfdata_dragoran drwx------ dragoran dragoran user_u:object_r:root_t keyring-1zTHrf drwx------ dragoran dragoran user_u:object_r:root_t keyring-59xIh9 drwx------ dragoran dragoran user_u:object_r:root_t keyring-OEkx5a drwx------ dragoran dragoran user_u:object_r:root_t keyring-YxzPaV -rw------- root root root:object_r:root_t libGL.la-8tPn7h srwxrwxr-x dragoran dragoran user_u:object_r:root_t mapping-dragoran -rw------- dragoran dragoran user_u:object_r:root_t nsmail.eml -rw------- dragoran dragoran user_u:object_r:root_t nsmail.html -rw------- dragoran dragoran user_u:object_r:root_t nsmail.tmp -rw------- root root root:object_r:root_t nv-5Lurw0 -rw-rw-r-- dragoran dragoran user_u:object_r:root_t nvclock drwx------ dragoran dragoran user_u:object_r:root_t orbit-dragoran drwx------ root root root:object_r:root_t orbit-root drwxr-xr-x root root root:object_r:root_t selfgz3945 drwxr-xr-x root root root:object_r:root_t selfgz4237 drwx------ dragoran dragoran user_u:object_r:root_t ssh-ICLNfV3471 drwx------ dragoran dragoran user_u:object_r:root_t ssh-lYueV15584 -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.66SRLi -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.7jh0Kd -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.bmLq1J -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.CBjOzp -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.IhxdpD -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.J6JXxG -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.JqB0Yr -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.mq2fk5 -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.niYKSn -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.nsJ6HX -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.Rl6HB6 -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.tIuAjd -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.zAFUiz -----------------------------------------------------------------------------------------------------------
dragoran schrieb:
Colin Walters schrieb:
On Sat, 2004-11-20 at 09:51 +0100, dragoran wrote:
I cannot upload files via php (selinux=enabled;policy=targeted). php shows this error: *Warning*: File upload error - unable to create a temporary file in *Unknown* on line *0 *And in dmesg I found this error: audit(1100940427.918:0): avc: denied { write } for pid=9202 exe=/usr/sbin/httpd name=tmp dev=hda3 ino=24 scontext=root:system_r:httpd_t tcontext=root:object_r:root_t tclass=dir
Do you have /tmp on a separate filesystem? What does: ls -Z /tmp show?
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-selinux-list
/tmp is on the root filesystem... ls -Z /tmp shows this:
-rw-rw-r-- dragoran dragoran user_u:object_r:root_t Acro8ip1Sz drwx------ dragoran dragoran user_u:object_r:root_t gconfd-dragoran drwx------ root root root:object_r:root_t gconfd-root drwxr-xr-x dragoran dragoran user_u:object_r:root_t hsperfdata_dragoran drwx------ dragoran dragoran user_u:object_r:root_t keyring-1zTHrf drwx------ dragoran dragoran user_u:object_r:root_t keyring-59xIh9 drwx------ dragoran dragoran user_u:object_r:root_t keyring-OEkx5a drwx------ dragoran dragoran user_u:object_r:root_t keyring-YxzPaV -rw------- root root root:object_r:root_t libGL.la-8tPn7h srwxrwxr-x dragoran dragoran user_u:object_r:root_t mapping-dragoran -rw------- dragoran dragoran user_u:object_r:root_t nsmail.eml -rw------- dragoran dragoran user_u:object_r:root_t nsmail.html -rw------- dragoran dragoran user_u:object_r:root_t nsmail.tmp -rw------- root root root:object_r:root_t nv-5Lurw0 -rw-rw-r-- dragoran dragoran user_u:object_r:root_t nvclock drwx------ dragoran dragoran user_u:object_r:root_t orbit-dragoran drwx------ root root root:object_r:root_t orbit-root drwxr-xr-x root root root:object_r:root_t selfgz3945 drwxr-xr-x root root root:object_r:root_t selfgz4237 drwx------ dragoran dragoran user_u:object_r:root_t ssh-ICLNfV3471 drwx------ dragoran dragoran user_u:object_r:root_t ssh-lYueV15584 -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.66SRLi -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.7jh0Kd -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.bmLq1J -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.CBjOzp -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.IhxdpD -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.J6JXxG -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.JqB0Yr -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.mq2fk5 -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.niYKSn -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.nsJ6HX -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.Rl6HB6 -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.tIuAjd -rw------- dragoran dragoran user_u:object_r:root_t xses-dragoran.zAFUiz
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-selinux-list
/sbin/restorecon /tmp fixed the problem /tmp is now system_u:object_r:tmp_t
selinux@lists.fedoraproject.org