Re: SELinux context for web application directories

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Not sure if this got through - nixspam was being aggravating, so I'm
reposting.

James B. Byrne wrote:
> CentOS-6.5

> We deploy web applications written with the Ruby on Rails framework
using Capistrano (2.x).  Each 'family' of web applications are 'owned' by
a dedicated user id.  The present httpd service is Apache 2.2.15 and we
use Passenger 3.0.11.  We are moving shortly to a new deployment host and
at
that
> time we will be updating to Apache 2.4.9 and Passenger 4..0.25.

> Our deployment practice is to place the 'family' directory under
/var/data/.
> This is the home directory of the application user id. We place each
individual web application or component into its own directory
underneath the
> family root.  So that things look like this:

 passenger_exec_t, etc.
<http://linuxmanpages.net/manpages/fedora17/man8/passenger_selinux.8.html>

And if you google anything else, note: DO NOT USE CHCON; it does *NOT*
remain following a reboot. Use semanage fcontext (and the manpage example
is what I use all the time), followed by a restorecon -Rv

        mark





_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux