-1

Failed to create shadow copy (CopyFile)

Description: HTTP 500. Error processing request

Before I begin my question; below is link to my previous problem, It was 503 error; Resolved by enabling seboolian of httpd_execmem:
Mono crashes while SELinux enforced, How to get mono server worked while SELinux is enforced?

Now, here I'm stuck --

1) When i try to access .aspx page:

# elinks --dump 127.0.0.1/ASP-Portal/index.aspx

                   Server Error in '/ASP-Portal' Application
   Failed to create shadow copy (CopyFile).
   Description: HTTP 500. Error processing request.

   Stack Trace:

System.ExecutionEngineException: Failed to create shadow copy (CopyFile).
  at (wrapper managed-to-native) System.Reflection.Assembly:LoadFrom (string,bool)
  at System.Reflection.Assembly.LoadFrom (System.String assemblyFile) [0x00000] in <filename unknown>:0
  at System.Web.Compilation.BuildManager.LoadAssembly (System.String path, System.Collections.Generic.List`1 al) [0x00000] in <filename unknown>:0
  at System.Web.Compilation.BuildManager.GetReferencedAssemblies () [0x00000] in <filename unknown>:0
  at System.Web.Compilation.AssemblyBuilder.BuildAssembly (System.Web.VirtualPath virtualPath, System.CodeDom.Compiler.CompilerParameters options) [0x00000] in <filename unknown>:0
  at System.Web.Compilation.AssemblyBuilder.BuildAssembly (System.CodeDom.Compiler.CompilerParameters options) [0x00000] in <filename unknown>:0
  at System.Web.Compilation.AppCodeAssembly.Build (System.String[] binAssemblies) [0x00000] in <filename unknown>:0
  at System.Web.Compilation.AppCodeCompiler.Compile () [0x00000] in <filename unknown>:0
  at System.Web.HttpApplicationFactory.InitType (System.Web.HttpContext context) [0x00000] in <filename unknown>:0

   Version information: Mono Runtime Version: 2.10.2 (tarball Mon Aug 8
   13:09:50 IST 2016); ASP.NET Version: 2.0.50727.1433

2) audit.log status:

# cat /var/log/audit/audit.log | audit2allow

#============= httpd_sys_script_t ==============
#!!!! This avc is allowed in the current policy

allow httpd_sys_script_t inotifyfs_t:dir read;
#!!!! This avc is allowed in the current policy

allow httpd_sys_script_t self:process execmem;
allow httpd_sys_script_t tmp_t:file { write getattr };
allow httpd_sys_script_t tmpfs_t:dir read;
allow httpd_sys_script_t tmpfs_t:filesystem getattr;

#============= httpd_t ==============
#!!!! This avc is allowed in the current policy

allow httpd_t httpd_sys_rw_content_t:sock_file unlink;
allow httpd_t self:capability { sys_admin ipc_owner };

#============= xdm_t ==============
#!!!! This avc can be allowed using the boolean 'allow_polyinstantiation'

allow xdm_t admin_home_t:dir read;
allow xdm_t admin_home_t:file read;

3) Context of directory and files where i have stored my testing ASP.NET files provided by mono-project.com

# ls -Z /var/www/html/ASP-Portal/

drwxr-xr-x. root root system_u:object_r:httpd_sys_rw_content_t:s0 1.1
drwxr-xr-x. root root system_u:object_r:httpd_sys_rw_content_t:s0 2.0
drwxr-xr-x. root root system_u:object_r:httpd_sys_rw_content_t:s0 App_Code
drwxr-xr-x. root root system_u:object_r:httpd_sys_rw_content_t:s0 bin
drwxr-xr-x. root root system_u:object_r:httpd_sys_rw_content_t:s0 controls
-rwxr-xr-x. root root system_u:object_r:httpd_sys_rw_content_t:s0 extensions.dll
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 favicon.ico
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 global.asax
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 index.aspx
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 missing_components.aspx
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 mod-mono-server.exe.config
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 monobutton.png
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 mono.png
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 mono-powered-big.png
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 mono-xsp.css
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 sample.webapp
-rwxr-xr-x. root root system_u:object_r:httpd_sys_rw_content_t:s0 ServiceClient.exe
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 small-icon.png
drwxr-xr-x. root root system_u:object_r:httpd_sys_rw_content_t:s0 test
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 web.config
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 Web.sitemap
-rw-r--r--. root root system_u:object_r:httpd_sys_rw_content_t:s0 xsp.exe.config

4) messages file status:

# tail /var/log/messages

Aug 12 12:04:50 shadmin named[1356]: error (network unreachable) resolving 'ns1.isc.ultradns.net/A/IN': 2610:a1:1015::e8#53
Aug 12 12:04:50 shadmin named[1356]: error (network unreachable) resolving 'ns1.isc.ultradns.net/AAAA/IN': 2610:a1:1015::e8#53
Aug 12 13:04:50 shadmin named[1356]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:4f8:0:2::19#53
Aug 12 13:04:50 shadmin named[1356]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:500:71::30#53
Aug 12 13:04:50 shadmin named[1356]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:500:2c::254#53
Aug 12 13:04:51 shadmin named[1356]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:4f8:0:2::20#53
Aug 12 13:04:51 shadmin named[1356]: error (network unreachable) resolving 'pdns196.ultradns.biz/A/IN': 2001:503:7bbb:ffff:ffff:ffff:ffff:ff7e#53
Aug 12 13:04:51 shadmin named[1356]: error (network unreachable) resolving 'pdns196.ultradns.biz/AAAA/IN': 2001:500:3682::12#53
Aug 12 13:04:51 shadmin named[1356]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2a01:8840:8::1#53
Aug 12 13:04:52 shadmin named[1356]: error (network unreachable) resolving 'pdns196.ultradns.biz/A/IN': 2610:a1:1015::e8#53

5) httpd error_log status:

# tail /var/log/httpd/error_log

[Fri Aug 12 12:58:57 2016] [notice] Digest: generating secret for digest authentication ...
[Fri Aug 12 12:58:57 2016] [notice] Digest: done
[Fri Aug 12 12:58:57 2016] [notice] Apache/2.2.15 (Unix) DAV/2 mod_mono/2.10 configured -- resuming normal operations
Listening on: /tmp/mod_mono_server_global
Root directory: /
Listening on: /tmp/mod_mono_server_global
Root directory: /
Error: Address already in use
Listening on: /tmp/mod_mono_server_shadmin.shahu.com
Root directory: /var/www/html/ASP-Portal


Note: My hostname is shadmin.shahu.com and I saved demo .NET files in /var/www/html/ASP-Portal/
Please, tell me if I'm missing something, Thanks.

Community
  • 1
vivek.patwardhan
  • 9
  • 4

2 Answers2

1

I had this issue and it turned out a symbolic link was incorrect to a .dll file the .aspx page was trying to access.

user432485
  • 11
  • 1
0

Please, tell me if I'm missing something, Thanks.

You are missing something, Thanks.

It's not clear what you're asking here. You can rule out SELinux by putting SELinux into permissive mode

setenforce 0

If your problems are the same then SELinux is not the issue, look elsewhere for a solution.

If your problems are resolved then SELinux is the cause of your pain. Run your system in permissive move to collect AVC denials. Once you have done that you should review the audit.log and take appropriate action. That may be as simple as 

cat audit.log | audit2allow -M mylocalpolicy
semodule -i mylocalpolicy.pp

or you may decide to change some file contexts and then create a local policy. Or ...

user9517
  • 114,104
  • 20
  • 206
  • 289
  • @lain I think It is SELinux; I get same errors while i set it to enforced or permissive. But, .aspx loads while SELinux is disabled. That's why I am confused. I wasn't so clear on my question, extremely sorry for that. – vivek.patwardhan Aug 16 '16 at 06:13