Mem*_*nto 2 php fedora selinux
在 Fedora 中,您如何配置 Selinux 以授予 PHP 系统或 exec 函数运行的任意可执行文件的权限?关闭 SELinux 对我来说不是一个选择。
$ getsebool -a | grep httpd
allow_httpd_anon_write --> off
allow_httpd_mod_auth_ntlm_winbind --> off
allow_httpd_mod_auth_pam --> off
allow_httpd_sys_script_anon_write --> off
httpd_builtin_scripting --> on
httpd_can_check_spam --> off
httpd_can_network_connect --> off
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off
httpd_can_network_memcache --> off
httpd_can_network_relay --> off
httpd_can_sendmail --> off
httpd_dbus_avahi --> off
httpd_enable_cgi --> on
httpd_enable_ftp_server --> off
httpd_enable_homedirs --> off
httpd_execmem --> off
httpd_read_user_content --> off
httpd_setrlimit --> off
httpd_ssi_exec --> on
httpd_tmp_exec --> off
httpd_tty_comm --> on
httpd_unified --> off
httpd_use_cifs --> off
httpd_use_gpg --> off
httpd_use_nfs --> off
检查与 Apache 相关的当前 SELinux 设置:
# /usr/sbin/getsebool -a | grep httpd
您需要打开httpd_ssi_exec以允许 Apache 执行 SSI 脚本:
# setsebool -P httpd_ssi_exec=1
| 归档时间: |
|
| 查看次数: |
9310 次 |
| 最近记录: |