I followed the guide: https://www.tecmint.com/enable-apache-userdir-module-on-rhel-centos-fedora/
on how to enable user home dirs
When i browse: https://server.com/~myuser
it works fine - but only for HTML files.
When I try to run a CGI file that is working fine when browsing https://server.com/file.cgi - it just doesn't work
I run the following:
$ journalctl -b | grep myuser
cannot get docroot information (/home/myuser)
Apache error.log doesn't say much:
End of script output before headers: file.cgi
My UserDir configuration is very basic, just like in the guide:
<IfModule mod_userdir.c>
UserDir public_html
</IfModule>
<Directory "/home/*/public_html">
Require method GET POST OPTIONS
Options +FollowSymLinks -MultiViews -Indexes +ExecCGI
AddHandler cgi-script .cgi .py .pcgi .pl
AllowOverride All
Require all granted
</Directory>
Any ideas how to solve it ?
EDIT
So something i didn't mentioned at first, is that my public_html directory was a sym-link.
Just to make sure i'm not mixing issues - i copied the directory to remove the symlink.
from time to time though, i receive the following error as well:
SELinux is preventing suexec from execute access on the file file.cgi.
***** Plugin catchall_boolean (89.3 confidence) suggests ******************
If you want to allow httpd to unified
Then you must tell SELinux about this by enabling the 'httpd_unified' boolean.
Do
setsebool -P httpd_unified 1
***** Plugin catchall (11.6 confidence) suggests **************************
If you believe that suexec should be allowed execute access on the file.cgi file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'suexec' --raw | audit2allow -M my-suexec
# semodule -X 300 -i my-suexec.pp
That SELinux thing is a real hazard ...
Solution 1
So not using a sym-link this one solved it:
setsebool -P httpd_unified 1
With using sym-link this one solved it:
semanage permissive -a httpd_suexec_t
