Interesting, but I can't do anything until around the 9th. On 12/30/2016 01:08 AM, Gordon Messmer wrote:
type=AVC msg=audit(1482944350.289:339): avc: denied { read } for pid=2141 comm="httpd" name="family" dev="sda3" ino=262199 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_user_content_t:s0 tclass=dir permissive=0I ran into the same problem, I think. I ran "audit2why" and passed in the AVC. It suggested a pair of booleans I've never seen before. # audit2why type=AVC msg=audit(1483077583.703:1539671): avc: denied { read } for pid=11162 comm="httpd" name="courier-pythonfilter" dev="dm-0" ino=533228 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_user_content_t:s0 tclass=dir Was caused by: One of the following booleans was set incorrectly. Description: Allow httpd to read user content Allow access by executing: # setsebool -P httpd_read_user_content 1 Description: Allow httpd to unified Allow access by executing: # setsebool -P httpd_unified 1 # setsebool -P httpd_read_user_content 1 ... and setting one of them fixed the problem. I don't see a bug filed for this. Can anyone else confirm that httpd_enable_homedirs doesn't work as it did before 7.3? I suspect it's not widely used and the bug may not have been noticed yet. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
