mapserver cgi+fedora4+SELinux
Eduin Carrillo
yecarrillo at YAHOO.COM
Thu Aug 18 22:20:59 EDT 2005
I just update my OS to Fedora4. I had never hear about SELinux, but last two
day I were enforced to learn more about security policies and now I like
SELinux (my site were hacked 3 times in the last six months).
I get php_mapscrit runs with the system rpm's and other rpms I found on the net
(mappinghacks) except GDAL, and successfully compiled mapserver 4.6.0 in that
environment, but mapserv executable returns a 500 Internal Server Error.
Apache log reports:
/var/www/cgi-bin/mapserv: error while loading shared libraries:
/usr/local/lib/libgdal.so.1: cannot restore segment prot after reloc:
Permission denied
SELinux policies I applied:
chcon -t texrel_shlib_t /usr/local/lib/*.so --> for gdal shared libraries
chcon -t httpd_unconfined_script_t /var/www/cgi-bin/mapserv -->for mapserv
binary
I were getting the same error runing mapserver apps (legend, etc..) from the
command line, but policy applied for gdal, solved that.
Previuosly tim ask about php/mapscript and SELinux, so these are my steps to
get php/mapscript running in FC4:
----------------------------------
cd /usr/local/src
wget http://cvs.gis.umn.edu/dist/mapserver-4.6.0.tar.gz
tar xvzf mapserver-4.6.0.tar.gz
cd mapserver-4.6.0
./configure --with-curl-config=/usr/bin/curl-config
--with-php=/usr/src/redhat/SOURCES/php-5.0.4 --with-httpd=/usr/sbin/httpd
--with-postgis=/usr/bin/pg_config --with-geos=/usr/bin/geos-config
--with-mygis=/usr/bin/mysql_config --with-proj=/usr
--with-ogr=/usr/local/bin/gdal-config --with-gdal=/usr/local/bin/gdal-config
--with-eppl --with-wfs --with-wcs --with-wmsclient --with-wfsclient
--with-gd=/usr
make
cp -f mapserv /var/www/cgi-bin/mapserv
cp -f legend /usr/local/bin/legend
cp -f scalebar /usr/local/bin/scalebar
cp -f shp2img /usr/local/bin/shp2img
cp -f shp2pdf /usr/local/bin/shp2pdf
cp -f shptree /usr/local/bin/shptree
cp -f shptreetst /usr/local/bin/shptreetst
cp -f shptreevis /usr/local/bin/shptreevis
cp -f sortshp /usr/local/bin/sortshp
cp -f tile4ms /usr/local/bin/tile4ms
cp -f mapscript/php3/php_mapscript.so /usr/lib/php/modules/php_mapscript.so
#SELinux policy for php/mapscript
chcon -t texrel_shlib_t /usr/lib/php/modules/php_mapscript.so
#to load as php module
echo "extension=php_mapscript.so" > /etc/php.d/mapscript.ini
service httpd restart
-------------------------
Any hint?
Thanks in advanced.
Eduin Yesid Carrillo Vega
yecarrillo at yahoo.com
COLOMBIA
__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam ¡gratis!
Regístrate ya - http://correo.espanol.yahoo.com/
More information about the mapserver-users
mailing list