[SM-USERS] Change password - permission problem

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[SM-USERS] Change password - permission problem

Ivar Kristvik
Grettings.
I''m new to squirrelmail - just installed version 1.4.5 running on RedHat 2.6.9-
11.ELsmp
and had a problem running the plugin change_passwd - until I found in the
maillinglist - that I had to edit the  
file /var/www/webmail/plugins/change_passwd/functions.php on line 28
and change compatibility_check_plugin_setup() to check_plugin_setup()

However I still have a problem:
I get on my webpage
Change Password An error has occurred while attempting to change your password.
Please contact your system administrator.
Command output:
sh: ../plugins/change_passwd/chpasswd: Permission denied
Return code: 126

from /var/log/messages:
Oct 19 15:48:00 mail kernel: audit(1129729680.199:0): avc:  denied  { execute }
for  pid=5862 comm=sh name=chpasswd dev=md2 ino=6734328
scontext=root:system_r:httpd_sys_script_t tcontext=root:object_r:usr_t
tclass=file


I have done `chmod 4750 chpasswd`  and `chown root:apache chpasswd`
it is username apache  of group apache that is the user of the webservice  

I have even logged in as apache - and run the command manually:
     ../plugins/change_passwd/chpasswd 'testuser' 'Secret2' 'ToSecrt3' 2>&1
successfully



Are there any settings in apache2 or php  that migh prevent execution of a
setuid programme ?

Thank you for your attention
_______

Ivar K.

-------------------------------------------------------------------------
Start.no tilbyr nå raskere bredbånd til lavere pris.
Sjekk http://www.start.no/bredband/ for mer informasjon


-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
--
squirrelmail-users mailing list
Posting Guidelines: http://squirrelmail.org/wiki/wiki.php?MailingListPostingGuidelines
List Address: [hidden email]
List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user
List Archives:  http://sourceforge.net/mailarchive/forum.php?forum_id)95
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
Reply | Threaded
Open this post in threaded view
|

RE: [SM-USERS] Change password - permission problem

Marc Powell


> -----Original Message-----
> From: [hidden email]
[mailto:squirrelmail-
> [hidden email]] On Behalf Of Ivar Kristvik
> Sent: Wednesday, October 19, 2005 9:14 AM
> To: [hidden email]
> Subject: [SM-USERS] Change password - permission problem
>
> Grettings.
> I''m new to squirrelmail - just installed version 1.4.5 running on
RedHat
> 2.6.9-
> 11.ELsmp
> and had a problem running the plugin change_passwd - until I found in
the

> maillinglist - that I had to edit the
> file /var/www/webmail/plugins/change_passwd/functions.php on line 28
> and change compatibility_check_plugin_setup() to check_plugin_setup()
>
> However I still have a problem:
> I get on my webpage
> Change Password An error has occurred while attempting to change your
> password.
> Please contact your system administrator.
> Command output:
> sh: ../plugins/change_passwd/chpasswd: Permission denied
> Return code: 126
>
> from /var/log/messages:
> Oct 19 15:48:00 mail kernel: audit(1129729680.199:0): avc:  denied  {
> execute }
> for  pid=5862 comm=sh name=chpasswd dev=md2 ino=6734328
> scontext=root:system_r:httpd_sys_script_t tcontext=root:object_r:usr_t
> tclass=file

This is your SELinux policy preventing execution of the script by
apache. Modify your SELinux policy to allow it.

--
Marc


-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
--
squirrelmail-users mailing list
Posting Guidelines: http://squirrelmail.org/wiki/wiki.php?MailingListPostingGuidelines
List Address: [hidden email]
List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user
List Archives:  http://sourceforge.net/mailarchive/forum.php?forum_id)95
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users