Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

Re: CGI script connecting via terminal but not via browser

by moritz (Cardinal)
on Sep 18, 2012 at 09:47 UTC ( #994247=note: print w/ replies, xml ) Need Help??


in reply to CGI script connecting via terminal but not via browser

Maybe there's a security system like selinux or AppArmor active that assigns the web server process a different security context than merely sudo'ing into the apache user?

Such a security context could very well prevent it from opening a network connection to another host.

So please consult your system administrator, or if you are your own administrator, read up on security systems.


Comment on Re: CGI script connecting via terminal but not via browser
Re^2: CGI script connecting via terminal but not via browser
by nkrgupta (Novice) on Sep 18, 2012 at 10:44 UTC

    Thanks moritz.

    I am reading up on selinux now which seems to be enabled on my system, and might be a possible cause. The log file at /var/log/audit/audit.log shows the following entry among other

    type=AVC msg=audit(1347964714.394:62458): avc:  denied  { name_connect } for  pid=14917 comm="my_script.cgi" dest=3306 scontext=root:system_r:httpd_sys_script_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket

      Fixed it! It was indeed a selinux issue, which by default was preventing httpd to establish network connections.

      Had to run the following command to allow it to do so

      setsebool -P httpd_can_network_connect=1

      Once again, thanks a lot moritz. I thought it might have to do with security settings, just didn't know where to look!

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://994247]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (8)
As of 2015-07-06 23:02 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (85 votes), past polls