0
I have a python script on my HTTP server(CentOS 7) responsible for responding to the client browser, it works fine in bash, but when I try to access it via cgi, it just throws an error. It works fine on Ubuntu(both via HTTP and shell) The script is:
import socket
HOST = '127.0.0.1'
PORT = 4345
print("Content-type: text/html; charset=utf-8\n\n")
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((HOST, PORT))
query = 'foobar'
sock.sendall(bytes(query, 'utf-8'))
buffer = sock.recv(1024)
responce = str(buffer, "UTF-8")
print(responce)
The error I am getting, when I run the script via CGI is:
PermissionError: [Errno 13] Permission denied
Traceback (most recent call last):
File "/var/www/cgi-bin/script.py", line 8, in <module>
sock.connect((HOST, PORT))
PermissionError: [Errno 13] Permission denied
The output of 'getsebool -a | grep httpd' is:
httpd_anon_write --> off
httpd_builtin_scripting --> on
httpd_can_check_spam --> off
httpd_can_connect_ftp --> off
httpd_can_connect_ldap --> off
httpd_can_connect_mythtv --> off
httpd_can_connect_zabbix --> off
httpd_can_network_connect --> off
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off
httpd_can_network_memcache --> off
httpd_can_network_relay --> off
httpd_can_sendmail --> off
httpd_dbus_avahi --> off
httpd_dbus_sssd --> off
httpd_dontaudit_search_dirs --> off
httpd_enable_cgi --> on
httpd_enable_ftp_server --> off
httpd_enable_homedirs --> off
httpd_execmem --> off
httpd_graceful_shutdown --> on
httpd_manage_ipa --> off
httpd_mod_auth_ntlm_winbind --> off
httpd_mod_auth_pam --> off
httpd_read_user_content --> off
httpd_run_ipa --> off
httpd_run_preupgrade --> off
httpd_run_stickshift --> off
httpd_serve_cobbler_files --> off
httpd_setrlimit --> off
httpd_ssi_exec --> off
httpd_sys_script_anon_write --> off
httpd_tmp_exec --> off
httpd_tty_comm --> off
httpd_unified --> off
httpd_use_cifs --> off
httpd_use_fusefs --> off
httpd_use_gpg --> off
httpd_use_nfs --> off
httpd_use_openstack --> off
httpd_use_sasl --> off
httpd_verify_dns --> off
Do you have SELinux enabled on your system? – Fanatique – 2019-07-02T13:23:47.320
Yes, I do have SELinux enabled – Xyz – 2019-07-02T13:32:58.823
Can you add the full output of
getsebool -a | grep httpd
in your question? – Fanatique – 2019-07-02T13:38:48.0801Thank you very much for your help. I fixed it by setting 'httpd_can_network_connect' to 'on' – Xyz – 2019-07-02T13:52:28.743