Blank page after security patching on 0-8-6h

[ast]

I had a fully working Cacti 0.8.6h before I applied the security fixes mentioned in an security announcement.
After installing as mentioned on the site I get a blank page.
On the server I get the following messages:

audit(1169627693.715:22): avc: denied {getattr} for pid=1900 comm="httpd" name="database.php" dev=dm-0 ino-1338375 scontext=system_u:system_r:httpd_t:s0 tcontext=root:object_r:tmp_t:s0 tclass=file

audit(1169627603.719:23): avc: denied { read } for pid=1900 comm="httpd" name="database.php" dev=dm-0 ino=1338375 scontext=system_u:system_r:httpd_t:s0 tcontext=root:object_r:tmp_t:s0 tclass=file

Cacti is installed on a FC5-machine.
I already tried the command senforce=0 after reboot but that doesn't help.

Has anybody had this problem and how can I fix it?

Th@nx for any help

[fmangeant]

Hi

did Cacti work with SELinux before patching ?

[ast]

I don't use SELinux. Only Fedora Core 5.
It was working fine before installing the patches.
So... Point is I don't have a clue why it is doing this.

[fmangeant]

Strange, these error messages look like SELinux ones...

Can you post the content of the /etc/selinux/config file ?

[ast]

In the config file are the following entries:

SELINUX=enforcing
SELINUXTYPE=targeted
SETLOCALDEFS=0

That's it.
I've tried setting SELINUX on permissive but to no avail.

[fmangeant]

Can you try to disable enforcing mode :

Code: Select all

# setenforce 0

I'm not using Fedora, but it's described here : http://fedora.redhat.com/docs/selinux-f ... #id2962669

[ast]

I had already tried it. It didn't have the desired effect.
But someone else mentioned that the security context of the updated files might be wrong.
After checking how to make that visible (ls -l --scontext) it was shown that security context was replaced to tmp_t on the updated files. This was the result of the patch -pl -N command.
Resetting them with chcon -R -t httpd_sys_content_t <filename> did the trick finally.

Thanks anyway for all the comments.