seLinux practices the silent treatment – If you would only just tell me what’s wrong I would fix it

Written by James McDonald

July 14, 2017

I have a html form that posts to a Perl CGI script. The script then loops and creates a CSV that is then piped to glabels-3-batch to create a PDF file of labels which lpr then sends to a printer.

I found if I select to create 26 labels the script worked but above 26 I got an error log as follows

[Fri Jul 14 14:09:09.209095 2017] [cgi:error] [pid 11735] [client] End of script output before headers:, referer:

When I set seLinux to stop enforcing it’s policies with setenforce 0 the script would work

But there was nothing in the /var/log/audit/audit.log to show the denial.

So from Redhat seLinux Documentation came the help to fix it.

So first set seLinux back to enforcing

setenforce 1

Set seLinux to show all errors

sudo semodule -DB

Run the web page that triggers the POST to the Perl Script that is erroring out

Then search /var/log/audit/audit.log to find the problem

ausearch -c glabels-crossdo -r | audit2allow -M my-glabels

sudo semodule -X 300 -i my-glabels.pp




Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Clear HSTS Settings in CHrome

Open chrome://net-internals/#hsts enter the domain in the query field and click Query to confirm it has HSTS settings...

Ubuntu on Hyper-v

It boils town to installing linux-azure # as root or sudo apt-get update apt-get install linux-azure...