Re: Forbidden: can't access *.html files in /var/www/html

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 30/09/10 3:21 AM, Simon Billis wrote:
> 
> You can use "setenforce 0" without the quotes to disable selinux from the
> command line till next reboot or until you issue "setenforce 1" - this is
> useful for testing as is looking at /var/log/audit/audit.log and also using
> commands such as audit2why and audit2allow (I strongly recommend reading at
> least the man pages and also such websites as
> http://www.nsa.gov/research/selinux/docs.shtml (google selinux))

In addition to that URL, this document (which I didn't see listed,
probably due to the publication date) looks very useful:

http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf

I'd second reading as much as possible on SELinux before diving into it,
as there are more than a few gotchas.  Especially when enabling and
disabling it and knowing when a reboot is necessary when enabling or
re-enabling it.


Regards,
Ben


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux