Re: httpd cannot read httpd-manual

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2 Apr 2004 18:05:02 +0200
Carsten Grohmann <carstengrohmann@xxxxxx> wrote:

> On Freitag, 2. April 2004 16:15, Karl DeBisschop wrote:
> 
> > Apr  2 04:09:33 xxxxx kernel: audit(1080896972.999:0): avc: 
> > denied  { getattr } for  pid=1156 exe=/usr/sbin/httpd
> > path=/var/www/manual/index.html dev=md0 ino=1473314
> > scontext=system_u:system_r:httpd_t
> > tcontext=system_u:object_r:var_t tclass=file
> 
> Maybe you should relabel the webserver files with 
> httpd_sys_context_t or look into <path to 
> policy>/file_contexts/program/apache.fc change apaches path 
> settings.

FWIW, it works if you add adding these lines to
/etc/security/selinux/src/policy/file_contexts/program/apache.fc:

/var/www/manual(/.*)?             system_u:object_r:httpd_sys_content_t
/var/www/error(/.*)?             system_u:object_r:httpd_sys_content_t

then:

make -C /etc/security/selinux/src/policy
/sbin/fixfiles relabel

Presumably something like that sort of change can make it into
the vext update of policy.

-- 
Karl DeBisschop (kdebisschop@xxxxxxxxxxxxxx)
Pearson Education/Infoplease (http://www.infoplease.com)

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux