Cream[DONut] wrote:
There are a couple of ways to handle this. This is in the order of most protection.Hello,
My problem is this:
I host some small PHP & MySQL websites for friends and family, they have their VirtualHost DocumentRoot's in "/home/[name]/www" (and is working fine with SELinux disabled).
I am running SELinux with SELINUX=enforcing, SELINUXTYPE=targeted.
SELinux seems to be blocking httpd from accessing /home/name/www, atleast when trying to start apache it complains:
Starting httpd: Warning: DocumentRoot [/home/xxxxxx/www] does not exist
Warning: DocumentRoot [/home/yyyyy/www] does not exist
[FAILED]
1. In order to maintain the SELinux protection on Apache, you could change the context of the directrory and files you wish to share.
a chcon -t -R httpd_user_content_t /home/*/www
b Then restart apache and try to access the pages. service httpd restart
2. You can disable SELinux protextion for apache.
a. Run selinux-config-securitylevel and select the SELinux tab.
b. In the Modify SELinux Policy box, select the transitions list item and expand.
c. Check the Disable SELinux protection for httpd daemon line.
d. Click ok
e. Restart apache
service httpd restart
3. Disable SELinux
a. Run selinux-config-securitylevel and select the SELinux tab.
b. UnClick Enabled
c. Click Ok
d. Reboot.
