Question Paul Coviello · Jul 8 CSP event log error #Web Gateway #Caché Hello, would anyone know where in Linux I need to change permissions on this? it is running a full Apache install and not what came with Cache. 1 1 198
Eduard Lebedyuk · Jul 8 In the same directory you have your custom CSP.ini. Vic Sun · Jul 8 Hi Paul, This depends on the details of how your web server and gateway were set up. Are you unable to log in to the gateway management page? That would normally tell you where the gateway is installed (and thus where the event log and so on are). Do you have a /webgateway folder under /opt? https://docs.intersystems.com/iris20221/csp/docbook/DocBook.UI.Page.cls?KEY=GCGI_altApUnix Alex Woodhead · Jul 11 $ sudo find / -name "CSP.log" 2>/dev/null Also if selinux enabled and blocking:$ sestatusSELinux status: enabled Validate. (Example correct path as location above) $ ls -Z /opt/webgateway/logs/CSP.log Correction. (Example correct path as location above) $ sudo semanage fcontext -a -t httpd_log_t /opt/webgateway/logs/CSP.log$ sudo restorecon -v /opt/webgateway/logs/CSP.log Paul Coviello · Jul 11 hmm no I have cspgateway and I'm running RHEL 7 find / -name "CSP.log" 2>/dev/null/opt/cspgateway/bin/CSP.log/DSA200/cachesys/csp/bin/CSP.log[root@facstestlinux localusers]# ls -Z /opt/cspgatewaydrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 apachedrwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 bindrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 cachedrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 util and root@facstestlinux localusers]# ls -Z /DSA200/cachesys/csp drwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 bindrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 broker-rw-rw-r--. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 Default.cspdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 docbook-rw-rw-r--. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 favicon.icodrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 samplesdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 sysdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 user Alex Woodhead · Jul 11 If httpd is running under user "apache", in group "apache" Then might need to chown: sudo chown apache:apache /opt/cspgateway/bin/CSP.log Then the "rwx" on group would allow the write. Paul Coviello · Jul 11 still not working and I tried the whole dir after just doing the log file also restarted httpd and nada... [root@facstestlinux localusers]# chown apache:apache /opt/cspgateway/bin/*[root@facstestlinux localusers]# ls -Z /opt/cspgateway/bin-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 cconnect.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.bak-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgiSys-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.log-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPnsd-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPRT.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libcrypto.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libssl.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libz.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgiSysdrwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 temp Alex Woodhead · Jul 11 Taking a step back and please don't be offended but I just wanted to confirm something.When accessing the Web Gateway does the URL in the browser contain the superserver port number.ie: Is this: http://servername:52773/csp/bin/Systems/Module.cxw (Internal WebServer)or http://servername/csp/bin/Systems/Module.cxw (External WebServer) Also...In the Web Gateway under Configuration -> Default Parameters.Do you have a non-default value set for "Event Log File" Jeffrey Drumm · Jul 13 EDIT: Sorry, didn't notice that Alex Woodhead had already provided this answer ... If SELinux is enabled, you may need to run the following commands as root: # semanage fcontext -a -t httpd_sys_rw_content_t '/opt/webgateway/logs/CSP.log' # restorecon -v '/opt/webgateway/logs/CSP.log' Note that the '#' character represents the root account prompt and is not part of the command. Paul Coviello · Jul 13 I didn't realize that selinux was part of RHEL and I changed the path to reflect where the log files is. facstestlinux mgr]# semanage fcontext -a -t httpd_sys_rw_content_t '/opt/cspgateway/bin/CSP.log'[root@facstestlinux mgr]# restorecon -v '/opt/cspgateway/bin/CSP.log'restorecon reset /opt/cspgateway/bin/CSP.log context unconfined_u:object_r:usr_t:s0->unconfined_u:object_r:httpd_sys_rw_content_t:s0[root@facstestlinux mgr]# Paul Coviello · Jul 13 and voila! but I cannot login! sigh Jeffrey Drumm · Jul 13 What error are you getting when you attempt to log in? Paul Coviello · Jul 13 fixed that and had to run setsebool -P httpd_can_network_connect on and it works thank you for all your help I learned new things today!!! thanks Paul Jeffrey Drumm · Jul 13 At some point I encoutered a problem that required I also run this command: setsebool -P httpd_unified 1 I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ... Log in or sign up Log in or create a new account to continue Log inSign up Log in or sign up Log in or create a new account to continue Log inSign up Log in or sign up Log in or create a new account to continue Log inSign up
Vic Sun · Jul 8 Hi Paul, This depends on the details of how your web server and gateway were set up. Are you unable to log in to the gateway management page? That would normally tell you where the gateway is installed (and thus where the event log and so on are). Do you have a /webgateway folder under /opt? https://docs.intersystems.com/iris20221/csp/docbook/DocBook.UI.Page.cls?KEY=GCGI_altApUnix Alex Woodhead · Jul 11 $ sudo find / -name "CSP.log" 2>/dev/null Also if selinux enabled and blocking:$ sestatusSELinux status: enabled Validate. (Example correct path as location above) $ ls -Z /opt/webgateway/logs/CSP.log Correction. (Example correct path as location above) $ sudo semanage fcontext -a -t httpd_log_t /opt/webgateway/logs/CSP.log$ sudo restorecon -v /opt/webgateway/logs/CSP.log Paul Coviello · Jul 11 hmm no I have cspgateway and I'm running RHEL 7 find / -name "CSP.log" 2>/dev/null/opt/cspgateway/bin/CSP.log/DSA200/cachesys/csp/bin/CSP.log[root@facstestlinux localusers]# ls -Z /opt/cspgatewaydrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 apachedrwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 bindrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 cachedrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 util and root@facstestlinux localusers]# ls -Z /DSA200/cachesys/csp drwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 bindrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 broker-rw-rw-r--. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 Default.cspdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 docbook-rw-rw-r--. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 favicon.icodrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 samplesdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 sysdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 user Alex Woodhead · Jul 11 If httpd is running under user "apache", in group "apache" Then might need to chown: sudo chown apache:apache /opt/cspgateway/bin/CSP.log Then the "rwx" on group would allow the write. Paul Coviello · Jul 11 still not working and I tried the whole dir after just doing the log file also restarted httpd and nada... [root@facstestlinux localusers]# chown apache:apache /opt/cspgateway/bin/*[root@facstestlinux localusers]# ls -Z /opt/cspgateway/bin-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 cconnect.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.bak-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgiSys-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.log-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPnsd-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPRT.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libcrypto.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libssl.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libz.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgiSysdrwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 temp Alex Woodhead · Jul 11 Taking a step back and please don't be offended but I just wanted to confirm something.When accessing the Web Gateway does the URL in the browser contain the superserver port number.ie: Is this: http://servername:52773/csp/bin/Systems/Module.cxw (Internal WebServer)or http://servername/csp/bin/Systems/Module.cxw (External WebServer) Also...In the Web Gateway under Configuration -> Default Parameters.Do you have a non-default value set for "Event Log File" Jeffrey Drumm · Jul 13 EDIT: Sorry, didn't notice that Alex Woodhead had already provided this answer ... If SELinux is enabled, you may need to run the following commands as root: # semanage fcontext -a -t httpd_sys_rw_content_t '/opt/webgateway/logs/CSP.log' # restorecon -v '/opt/webgateway/logs/CSP.log' Note that the '#' character represents the root account prompt and is not part of the command. Paul Coviello · Jul 13 I didn't realize that selinux was part of RHEL and I changed the path to reflect where the log files is. facstestlinux mgr]# semanage fcontext -a -t httpd_sys_rw_content_t '/opt/cspgateway/bin/CSP.log'[root@facstestlinux mgr]# restorecon -v '/opt/cspgateway/bin/CSP.log'restorecon reset /opt/cspgateway/bin/CSP.log context unconfined_u:object_r:usr_t:s0->unconfined_u:object_r:httpd_sys_rw_content_t:s0[root@facstestlinux mgr]# Paul Coviello · Jul 13 and voila! but I cannot login! sigh Jeffrey Drumm · Jul 13 What error are you getting when you attempt to log in? Paul Coviello · Jul 13 fixed that and had to run setsebool -P httpd_can_network_connect on and it works thank you for all your help I learned new things today!!! thanks Paul Jeffrey Drumm · Jul 13 At some point I encoutered a problem that required I also run this command: setsebool -P httpd_unified 1 I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ... Log in or sign up Log in or create a new account to continue Log inSign up Log in or sign up Log in or create a new account to continue Log inSign up Log in or sign up Log in or create a new account to continue Log inSign up
Alex Woodhead · Jul 11 $ sudo find / -name "CSP.log" 2>/dev/null Also if selinux enabled and blocking:$ sestatusSELinux status: enabled Validate. (Example correct path as location above) $ ls -Z /opt/webgateway/logs/CSP.log Correction. (Example correct path as location above) $ sudo semanage fcontext -a -t httpd_log_t /opt/webgateway/logs/CSP.log$ sudo restorecon -v /opt/webgateway/logs/CSP.log Paul Coviello · Jul 11 hmm no I have cspgateway and I'm running RHEL 7 find / -name "CSP.log" 2>/dev/null/opt/cspgateway/bin/CSP.log/DSA200/cachesys/csp/bin/CSP.log[root@facstestlinux localusers]# ls -Z /opt/cspgatewaydrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 apachedrwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 bindrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 cachedrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 util and root@facstestlinux localusers]# ls -Z /DSA200/cachesys/csp drwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 bindrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 broker-rw-rw-r--. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 Default.cspdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 docbook-rw-rw-r--. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 favicon.icodrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 samplesdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 sysdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 user Alex Woodhead · Jul 11 If httpd is running under user "apache", in group "apache" Then might need to chown: sudo chown apache:apache /opt/cspgateway/bin/CSP.log Then the "rwx" on group would allow the write. Paul Coviello · Jul 11 still not working and I tried the whole dir after just doing the log file also restarted httpd and nada... [root@facstestlinux localusers]# chown apache:apache /opt/cspgateway/bin/*[root@facstestlinux localusers]# ls -Z /opt/cspgateway/bin-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 cconnect.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.bak-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgiSys-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.log-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPnsd-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPRT.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libcrypto.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libssl.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libz.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgiSysdrwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 temp Alex Woodhead · Jul 11 Taking a step back and please don't be offended but I just wanted to confirm something.When accessing the Web Gateway does the URL in the browser contain the superserver port number.ie: Is this: http://servername:52773/csp/bin/Systems/Module.cxw (Internal WebServer)or http://servername/csp/bin/Systems/Module.cxw (External WebServer) Also...In the Web Gateway under Configuration -> Default Parameters.Do you have a non-default value set for "Event Log File" Jeffrey Drumm · Jul 13 EDIT: Sorry, didn't notice that Alex Woodhead had already provided this answer ... If SELinux is enabled, you may need to run the following commands as root: # semanage fcontext -a -t httpd_sys_rw_content_t '/opt/webgateway/logs/CSP.log' # restorecon -v '/opt/webgateway/logs/CSP.log' Note that the '#' character represents the root account prompt and is not part of the command. Paul Coviello · Jul 13 I didn't realize that selinux was part of RHEL and I changed the path to reflect where the log files is. facstestlinux mgr]# semanage fcontext -a -t httpd_sys_rw_content_t '/opt/cspgateway/bin/CSP.log'[root@facstestlinux mgr]# restorecon -v '/opt/cspgateway/bin/CSP.log'restorecon reset /opt/cspgateway/bin/CSP.log context unconfined_u:object_r:usr_t:s0->unconfined_u:object_r:httpd_sys_rw_content_t:s0[root@facstestlinux mgr]# Paul Coviello · Jul 13 and voila! but I cannot login! sigh Jeffrey Drumm · Jul 13 What error are you getting when you attempt to log in? Paul Coviello · Jul 13 fixed that and had to run setsebool -P httpd_can_network_connect on and it works thank you for all your help I learned new things today!!! thanks Paul Jeffrey Drumm · Jul 13 At some point I encoutered a problem that required I also run this command: setsebool -P httpd_unified 1 I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ... Log in or sign up Log in or create a new account to continue Log inSign up Log in or sign up Log in or create a new account to continue Log inSign up Log in or sign up Log in or create a new account to continue Log inSign up
Paul Coviello · Jul 11 hmm no I have cspgateway and I'm running RHEL 7 find / -name "CSP.log" 2>/dev/null/opt/cspgateway/bin/CSP.log/DSA200/cachesys/csp/bin/CSP.log[root@facstestlinux localusers]# ls -Z /opt/cspgatewaydrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 apachedrwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 bindrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 cachedrwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 util and root@facstestlinux localusers]# ls -Z /DSA200/cachesys/csp drwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 bindrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 broker-rw-rw-r--. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 Default.cspdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 docbook-rw-rw-r--. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 favicon.icodrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 samplesdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 sysdrwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 user Alex Woodhead · Jul 11 If httpd is running under user "apache", in group "apache" Then might need to chown: sudo chown apache:apache /opt/cspgateway/bin/CSP.log Then the "rwx" on group would allow the write. Paul Coviello · Jul 11 still not working and I tried the whole dir after just doing the log file also restarted httpd and nada... [root@facstestlinux localusers]# chown apache:apache /opt/cspgateway/bin/*[root@facstestlinux localusers]# ls -Z /opt/cspgateway/bin-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 cconnect.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.bak-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgiSys-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.log-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPnsd-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPRT.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libcrypto.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libssl.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libz.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgiSysdrwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 temp Alex Woodhead · Jul 11 Taking a step back and please don't be offended but I just wanted to confirm something.When accessing the Web Gateway does the URL in the browser contain the superserver port number.ie: Is this: http://servername:52773/csp/bin/Systems/Module.cxw (Internal WebServer)or http://servername/csp/bin/Systems/Module.cxw (External WebServer) Also...In the Web Gateway under Configuration -> Default Parameters.Do you have a non-default value set for "Event Log File" Jeffrey Drumm · Jul 13 EDIT: Sorry, didn't notice that Alex Woodhead had already provided this answer ... If SELinux is enabled, you may need to run the following commands as root: # semanage fcontext -a -t httpd_sys_rw_content_t '/opt/webgateway/logs/CSP.log' # restorecon -v '/opt/webgateway/logs/CSP.log' Note that the '#' character represents the root account prompt and is not part of the command. Paul Coviello · Jul 13 I didn't realize that selinux was part of RHEL and I changed the path to reflect where the log files is. facstestlinux mgr]# semanage fcontext -a -t httpd_sys_rw_content_t '/opt/cspgateway/bin/CSP.log'[root@facstestlinux mgr]# restorecon -v '/opt/cspgateway/bin/CSP.log'restorecon reset /opt/cspgateway/bin/CSP.log context unconfined_u:object_r:usr_t:s0->unconfined_u:object_r:httpd_sys_rw_content_t:s0[root@facstestlinux mgr]# Paul Coviello · Jul 13 and voila! but I cannot login! sigh Jeffrey Drumm · Jul 13 What error are you getting when you attempt to log in? Paul Coviello · Jul 13 fixed that and had to run setsebool -P httpd_can_network_connect on and it works thank you for all your help I learned new things today!!! thanks Paul Jeffrey Drumm · Jul 13 At some point I encoutered a problem that required I also run this command: setsebool -P httpd_unified 1 I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ... Log in or sign up Log in or create a new account to continue Log inSign up Log in or sign up Log in or create a new account to continue Log inSign up Log in or sign up Log in or create a new account to continue Log inSign up
Alex Woodhead · Jul 11 If httpd is running under user "apache", in group "apache" Then might need to chown: sudo chown apache:apache /opt/cspgateway/bin/CSP.log Then the "rwx" on group would allow the write. Paul Coviello · Jul 11 still not working and I tried the whole dir after just doing the log file also restarted httpd and nada... [root@facstestlinux localusers]# chown apache:apache /opt/cspgateway/bin/*[root@facstestlinux localusers]# ls -Z /opt/cspgateway/bin-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 cconnect.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.bak-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgiSys-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.log-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPnsd-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPRT.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libcrypto.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libssl.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libz.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgiSysdrwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 temp Alex Woodhead · Jul 11 Taking a step back and please don't be offended but I just wanted to confirm something.When accessing the Web Gateway does the URL in the browser contain the superserver port number.ie: Is this: http://servername:52773/csp/bin/Systems/Module.cxw (Internal WebServer)or http://servername/csp/bin/Systems/Module.cxw (External WebServer) Also...In the Web Gateway under Configuration -> Default Parameters.Do you have a non-default value set for "Event Log File" Jeffrey Drumm · Jul 13 EDIT: Sorry, didn't notice that Alex Woodhead had already provided this answer ... If SELinux is enabled, you may need to run the following commands as root: # semanage fcontext -a -t httpd_sys_rw_content_t '/opt/webgateway/logs/CSP.log' # restorecon -v '/opt/webgateway/logs/CSP.log' Note that the '#' character represents the root account prompt and is not part of the command. Paul Coviello · Jul 13 I didn't realize that selinux was part of RHEL and I changed the path to reflect where the log files is. facstestlinux mgr]# semanage fcontext -a -t httpd_sys_rw_content_t '/opt/cspgateway/bin/CSP.log'[root@facstestlinux mgr]# restorecon -v '/opt/cspgateway/bin/CSP.log'restorecon reset /opt/cspgateway/bin/CSP.log context unconfined_u:object_r:usr_t:s0->unconfined_u:object_r:httpd_sys_rw_content_t:s0[root@facstestlinux mgr]# Paul Coviello · Jul 13 and voila! but I cannot login! sigh Jeffrey Drumm · Jul 13 What error are you getting when you attempt to log in? Paul Coviello · Jul 13 fixed that and had to run setsebool -P httpd_can_network_connect on and it works thank you for all your help I learned new things today!!! thanks Paul Jeffrey Drumm · Jul 13 At some point I encoutered a problem that required I also run this command: setsebool -P httpd_unified 1 I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ... Log in or sign up Log in or create a new account to continue Log inSign up Log in or sign up Log in or create a new account to continue Log inSign up Log in or sign up Log in or create a new account to continue Log inSign up
Paul Coviello · Jul 11 still not working and I tried the whole dir after just doing the log file also restarted httpd and nada... [root@facstestlinux localusers]# chown apache:apache /opt/cspgateway/bin/*[root@facstestlinux localusers]# ls -Z /opt/cspgateway/bin-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 cconnect.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.bak-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgiSys-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.log-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3Sys.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPnsd-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPRT.ini-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libcrypto.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libssl.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libz.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp22.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp24.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp2.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp.so-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgi-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgiSysdrwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 temp Alex Woodhead · Jul 11 Taking a step back and please don't be offended but I just wanted to confirm something.When accessing the Web Gateway does the URL in the browser contain the superserver port number.ie: Is this: http://servername:52773/csp/bin/Systems/Module.cxw (Internal WebServer)or http://servername/csp/bin/Systems/Module.cxw (External WebServer) Also...In the Web Gateway under Configuration -> Default Parameters.Do you have a non-default value set for "Event Log File"
Alex Woodhead · Jul 11 Taking a step back and please don't be offended but I just wanted to confirm something.When accessing the Web Gateway does the URL in the browser contain the superserver port number.ie: Is this: http://servername:52773/csp/bin/Systems/Module.cxw (Internal WebServer)or http://servername/csp/bin/Systems/Module.cxw (External WebServer) Also...In the Web Gateway under Configuration -> Default Parameters.Do you have a non-default value set for "Event Log File"
Jeffrey Drumm · Jul 13 EDIT: Sorry, didn't notice that Alex Woodhead had already provided this answer ... If SELinux is enabled, you may need to run the following commands as root: # semanage fcontext -a -t httpd_sys_rw_content_t '/opt/webgateway/logs/CSP.log' # restorecon -v '/opt/webgateway/logs/CSP.log' Note that the '#' character represents the root account prompt and is not part of the command. Paul Coviello · Jul 13 I didn't realize that selinux was part of RHEL and I changed the path to reflect where the log files is. facstestlinux mgr]# semanage fcontext -a -t httpd_sys_rw_content_t '/opt/cspgateway/bin/CSP.log'[root@facstestlinux mgr]# restorecon -v '/opt/cspgateway/bin/CSP.log'restorecon reset /opt/cspgateway/bin/CSP.log context unconfined_u:object_r:usr_t:s0->unconfined_u:object_r:httpd_sys_rw_content_t:s0[root@facstestlinux mgr]# Paul Coviello · Jul 13 and voila! but I cannot login! sigh Jeffrey Drumm · Jul 13 What error are you getting when you attempt to log in? Paul Coviello · Jul 13 fixed that and had to run setsebool -P httpd_can_network_connect on and it works thank you for all your help I learned new things today!!! thanks Paul Jeffrey Drumm · Jul 13 At some point I encoutered a problem that required I also run this command: setsebool -P httpd_unified 1 I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ...
Paul Coviello · Jul 13 I didn't realize that selinux was part of RHEL and I changed the path to reflect where the log files is. facstestlinux mgr]# semanage fcontext -a -t httpd_sys_rw_content_t '/opt/cspgateway/bin/CSP.log'[root@facstestlinux mgr]# restorecon -v '/opt/cspgateway/bin/CSP.log'restorecon reset /opt/cspgateway/bin/CSP.log context unconfined_u:object_r:usr_t:s0->unconfined_u:object_r:httpd_sys_rw_content_t:s0[root@facstestlinux mgr]# Paul Coviello · Jul 13 and voila! but I cannot login! sigh Jeffrey Drumm · Jul 13 What error are you getting when you attempt to log in? Paul Coviello · Jul 13 fixed that and had to run setsebool -P httpd_can_network_connect on and it works thank you for all your help I learned new things today!!! thanks Paul Jeffrey Drumm · Jul 13 At some point I encoutered a problem that required I also run this command: setsebool -P httpd_unified 1 I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ...
Paul Coviello · Jul 13 and voila! but I cannot login! sigh Jeffrey Drumm · Jul 13 What error are you getting when you attempt to log in? Paul Coviello · Jul 13 fixed that and had to run setsebool -P httpd_can_network_connect on and it works thank you for all your help I learned new things today!!! thanks Paul Jeffrey Drumm · Jul 13 At some point I encoutered a problem that required I also run this command: setsebool -P httpd_unified 1 I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ...
Jeffrey Drumm · Jul 13 What error are you getting when you attempt to log in? Paul Coviello · Jul 13 fixed that and had to run setsebool -P httpd_can_network_connect on and it works thank you for all your help I learned new things today!!! thanks Paul Jeffrey Drumm · Jul 13 At some point I encoutered a problem that required I also run this command: setsebool -P httpd_unified 1 I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ...
Paul Coviello · Jul 13 fixed that and had to run setsebool -P httpd_can_network_connect on and it works thank you for all your help I learned new things today!!! thanks Paul Jeffrey Drumm · Jul 13 At some point I encoutered a problem that required I also run this command: setsebool -P httpd_unified 1 I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ...
Jeffrey Drumm · Jul 13 At some point I encoutered a problem that required I also run this command: setsebool -P httpd_unified 1 I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ...
.png)
In the same directory you have your custom CSP.ini.
Hi Paul,
This depends on the details of how your web server and gateway were set up. Are you unable to log in to the gateway management page? That would normally tell you where the gateway is installed (and thus where the event log and so on are).
Do you have a /webgateway folder under /opt?
https://docs.intersystems.com/iris20221/csp/docbook/DocBook.UI.Page.cls?KEY=GCGI_altApUnix
$ sudo find / -name "CSP.log" 2>/dev/null
Also if selinux enabled and blocking:
$ sestatus
SELinux status: enabled
Validate. (Example correct path as location above)
$ ls -Z /opt/webgateway/logs/CSP.log
Correction. (Example correct path as location above)
$ sudo semanage fcontext -a -t httpd_log_t /opt/webgateway/logs/CSP.log
$ sudo restorecon -v /opt/webgateway/logs/CSP.log
hmm no I have cspgateway and I'm running RHEL 7
find / -name "CSP.log" 2>/dev/null
/opt/cspgateway/bin/CSP.log
/DSA200/cachesys/csp/bin/CSP.log
[root@facstestlinux localusers]# ls -Z /opt/cspgateway
drwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 apache
drwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 bin
drwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 cache
drwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 util
and
root@facstestlinux localusers]# ls -Z /DSA200/cachesys/csp
drwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 bin
drwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 broker
-rw-rw-r--. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 Default.csp
drwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 docbook
-rw-rw-r--. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 favicon.ico
drwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 samples
drwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 sys
drwxrwxr-x. cacheusr cacheusr unconfined_u:object_r:unlabeled_t:s0 user
If httpd is running under user "apache", in group "apache"
Then might need to chown:
sudo chown apache:apache /opt/cspgateway/bin/CSP.log
Then the "rwx" on group would allow the write.
still not working and I tried the whole dir after just doing the log file also restarted httpd and nada...
[root@facstestlinux localusers]# chown apache:apache /opt/cspgateway/bin/*
[root@facstestlinux localusers]# ls -Z /opt/cspgateway/bin
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 cconnect.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa22Sys.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa24Sys.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPa2Sys.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.bak
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgi
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPcgiSys
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.ini
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSP.log
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPn3Sys.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPnsd
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 CSPRT.ini
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libcrypto.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libssl.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 libz.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp22.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp24.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp2.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 mod_csp.so
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgi
-rwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 nph-CSPcgiSys
drwxrwxrwx. apache apache unconfined_u:object_r:usr_t:s0 temp
Taking a step back and please don't be offended but I just wanted to confirm something.
When accessing the Web Gateway does the URL in the browser contain the superserver port number.
ie: Is this: http://servername:52773/csp/bin/Systems/Module.cxw (Internal WebServer)
or http://servername/csp/bin/Systems/Module.cxw (External WebServer)
Also...
In the Web Gateway under Configuration -> Default Parameters.
Do you have a non-default value set for "Event Log File"
EDIT: Sorry, didn't notice that Alex Woodhead had already provided this answer ...
If SELinux is enabled, you may need to run the following commands as root:
Note that the '#' character represents the root account prompt and is not part of the command.
I didn't realize that selinux was part of RHEL and I changed the path to reflect where the log files is.
facstestlinux mgr]# semanage fcontext -a -t httpd_sys_rw_content_t '/opt/cspgateway/bin/CSP.log'
[root@facstestlinux mgr]# restorecon -v '/opt/cspgateway/bin/CSP.log'
restorecon reset /opt/cspgateway/bin/CSP.log context unconfined_u:object_r:usr_t:s0->unconfined_u:object_r:httpd_sys_rw_content_t:s0
[root@facstestlinux mgr]#
and voila! but I cannot login! sigh
What error are you getting when you attempt to log in?
fixed that and had to run setsebool -P httpd_can_network_connect on
and it works thank you for all your help I learned new things today!!!
thanks
Paul
At some point I encoutered a problem that required I also run this command:
I can't remember what it fixed, but I do know by the fact that I made a note of it that it fixed something ...
Social networks
InterSystems resources
Log in or sign up
Log in or create a new account to continue
Log in or sign up
Log in or create a new account to continue
Log in or sign up
Log in or create a new account to continue