Re: SELinux & apache/httpd access to /home/*/www

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Cream[DONut] wrote:

Hello,

My problem is this:
I host some small PHP & MySQL websites for friends and family, they have their VirtualHost DocumentRoot's in "/home/[name]/www" (and is working fine with SELinux disabled).


I am running SELinux with SELINUX=enforcing, SELINUXTYPE=targeted.

SELinux seems to be blocking httpd from accessing /home/name/www, atleast when trying to start apache it complains:
Starting httpd: Warning: DocumentRoot [/home/xxxxxx/www] does not exist
Warning: DocumentRoot [/home/yyyyy/www] does not exist
[FAILED]


There are a couple of ways to handle this. This is in the order of most protection.

1. In order to maintain the SELinux protection on Apache, you could change the context of the directrory and files you wish to share.
a chcon -t -R httpd_user_content_t /home/*/www
b Then restart apache and try to access the pages. service httpd restart


2. You can disable SELinux protextion for apache.
a. Run selinux-config-securitylevel and select the SELinux tab.
b. In the Modify SELinux Policy box, select the transitions list item and expand.
c. Check the Disable SELinux protection for httpd daemon line.
d. Click ok
e. Restart apache
service httpd restart
3. Disable SELinux
a. Run selinux-config-securitylevel and select the SELinux tab.
b. UnClick Enabled
c. Click Ok
d. Reboot.

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux