I have a html form that posts to a Perl CGI script. The script then loops and creates a CSV that is then piped to glabels-3-batch to create a PDF file of labels which lpr then sends to a printer.
I found if I select to create 26 labels the script worked but above 26 I got an error log as follows
[Fri Jul 14 14:09:09.209095 2017] [cgi:error] [pid 11735] [client 127.0.0.1:33956] End of script output before headers: glabels-crossdock-labels.pl, referer: http://jmits.dev/wms/PrintLabels/crossdock_labels
When I set seLinux to stop enforcing it’s policies with setenforce 0 the script would work
But there was nothing in the /var/log/audit/audit.log to show the denial.
So from Redhat seLinux Documentation came the help to fix it.
So first set seLinux back to enforcing
Set seLinux to show all errors
sudo semodule -DB
Run the web page that triggers the POST to the Perl Script that is erroring out
Then search /var/log/audit/audit.log to find the problem
ausearch -c glabels-crossdo -r | audit2allow -M my-glabels
sudo semodule -X 300 -i my-glabels.pp