Common SELinux fixes

Check whether SELinux is the cause:

#Suspend SELinux enforcement (permissive mode)

setenforce 0

#Turn enforcement back on afterwards

setenforce 1

#Check the messages log

cat /var/log/messages

#To start with, try to run the app. Any SELinux enforcement messages are logged to the system log. The SELinux audit2allow command is helpful in deriving policy rules to resolve the enforcement errors.

cat /var/log/messages | audit2allow

#If the log gives a hint, run the command it suggests

#setroubleshoot: SELinux is preventing /usr/sbin/httpd from execute access on the file awstats.pl. For complete SELinux messages. run sealert -l f7bf84ee-5acX-473X-840X-5b8e6a0aXXXX

sealert -l f7bf84ee-5acX-473X-840X-5b8e6a0aXXXX

#You will then see

allow this access for now by executing:

# grep httpd /var/log/audit/audit.log | audit2allow -M mypol

# semodule -i mypol.pp

#If that does not solve it, check the booleans for the related protocol

getsebool -a | grep "httpd"

#Test the other settings that might apply yourself

setsebool httpd_xxxxx on

#Finally, remember to use -P so the setting is still in effect after a reboot

setsebool -P httpd_xxxxx on
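
Before loading a module built by the `grep httpd /var/log/audit/audit.log | audit2allow -M mypol` step above, it helps to see which denials it would turn into allow rules. The script below is an added example, not part of the original notes; the log lines are constructed samples and the function names `sample_log` and `summarize_avc` are made up for illustration.

```shell
#!/bin/sh
# Added example: summarise AVC denials before turning them into a policy module.

# Constructed sample audit.log lines (not taken from a real host).
sample_log() {
    cat <<'EOF'
type=AVC msg=audit(1700000001.101:410): avc:  denied  { execute } for  pid=2101 comm="httpd" name="awstats.pl" dev="dm-0" ino=1001 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1700000001.101:410): arch=c000003e syscall=59 success=no exit=-13 comm="httpd" exe="/usr/sbin/httpd"
type=AVC msg=audit(1700000009.555:418): avc:  denied  { execute } for  pid=2107 comm="httpd" name="awstats.pl" dev="dm-0" ino=1001 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file permissive=0
type=AVC msg=audit(1700000020.000:431): avc:  denied  { read write } for  pid=2107 comm="httpd" name="shadow" dev="dm-0" ino=2002 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0
EOF
}

# Read audit log lines on stdin and print one line per distinct denial:
#   count comm source_type -> target_type:class {perms}
summarize_avc() {
    awk '
    function type_of(field,   parts) {
        sub(/^[a-z]context=/, "", field)   # drop "scontext=" / "tcontext="
        split(field, parts, ":")           # user:role:type:level
        return parts[3]
    }
    /avc: +denied/ {
        perms = ""; comm = "?"; src = "?"; tgt = "?"; cls = "?"
        # The denied permissions are the words between "{" and "}".
        s = index($0, "{"); e = index($0, "}")
        if (s && e > s) {
            perms = substr($0, s + 1, e - s - 1)
            gsub(/^ +| +$/, "", perms)
            gsub(/ +/, ",", perms)
        }
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^comm=/)     { comm = $i; sub(/^comm=/, "", comm); gsub(/"/, "", comm) }
            if ($i ~ /^scontext=/) { src = type_of($i) }
            if ($i ~ /^tcontext=/) { tgt = type_of($i) }
            if ($i ~ /^tclass=/)   { cls = $i; sub(/^tclass=/, "", cls) }
        }
        count[comm " " src " -> " tgt ":" cls " {" perms "}"]++
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k2
}

sample_log | summarize_avc
```

On a real system, feed it the same input you would give audit2allow: `grep httpd /var/log/audit/audit.log | summarize_avc`. Any line you do not expect (such as the constructed `shadow_t` denial here) is a reason to read the generated `mypol.te` before running `semodule -i mypol.pp`.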